
Log analysis and evaluation: System is (was) responding sluggishly, detections with AdwCleaner and Malwarebytes

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

14.06.2016, 17:51   #1
Ecronika
 
Hi there,

I have a system that was responding very sluggishly and that I cleaned with Malwarebytes and AdwCleaner as a first measure. That has already improved performance somewhat, so I am asking for an evaluation of the logs to see whether any anomalies can still be found.

The Addition.txt no longer fits within the character limit per post ...

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12.06.2016
Suchlaufzeit: 19:55
Protokolldatei: mbam.txt
Administrator: Nein

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.12.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sany

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 260863
Abgelaufene Zeit: 28 Min., 22 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 8
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATPopups, Löschen bei Neustart, [8093a6565148d6601cc87b427c86f709], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATUpdaters, Löschen bei Neustart, [d53e7e7e59400135c0e9842714efb54b], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\Google Analytics Package, Löschen bei Neustart, [c44f5ba14a4f89ad406b367545beee12], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
# AdwCleaner v5.119 - Logfile created 12/06/2016 at 20:42:13
# Updated 30/05/2016 by Xplode
# Database : 2016-06-12.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Sandra Nicola - SCHNUBBI
# Running from : C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
# Option : Scan
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\ProgramData\TweakBit
Folder Found : C:\ProgramData\Application Data\TweakBit
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found : C:\Program Files (x86)\myfree codec
Folder Found : C:\Users\Sandra Nicola\AppData\Local\Mobogenie
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\DesktopIconForAmazon
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\dvdvideosoftiehelpers
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\OCS
Folder Found : C:\Users\Sandra Nicola\Documents\Mobogenie
Folder Found : C:\Users\Sany\AppData\Local\Winamp Toolbar
Folder Found : \extensions

***** [ Files ] *****

File Found : C:\Users\Sandra Nicola\daemonprocess.txt
File Found : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\foxydeal.sqlite
File Found : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\searchplugins\11-suche.xml
File Found : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage
File Found : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage-journal
File Found : \user.js

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
Key Found : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Found : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\OCS
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Conduit
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Myfree Codec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\OCS
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Conduit
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Myfree Codec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1043\Software\Myfree Codec
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\euask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.euask.com

***** [ Web browsers ] *****

[C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Found : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.firetab.org/?type=ds3hp
[C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.firetab.org/?type=ds3hp

*************************

\AdwCleaner\AdwCleaner[S1].txt - [5680 bytes] - [12/06/2016 20:42:13]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [5751 bytes] ##########
         
Code:
ATTFilter
# AdwCleaner v5.119 - Logfile created 12/06/2016 at 20:51:04
# Updated 30/05/2016 by Xplode
# Database : 2016-06-12.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Sandra Nicola - SCHNUBBI
# Running from : C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
# Option : Clean
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\TweakBit
[#] Folder Deleted : C:\ProgramData\Application Data\TweakBit
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\DesktopIconForAmazon
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\dvdvideosoftiehelpers
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\OCS
[-] Folder Deleted : C:\Users\Sandra Nicola\Documents\Mobogenie
[-] Folder Deleted : C:\Users\Sany\AppData\Local\Winamp Toolbar
[-] Folder Deleted : \extensions

***** [ Files ] *****

[-] File Deleted : C:\Users\Sandra Nicola\daemonprocess.txt
[-] File Deleted : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\foxydeal.sqlite
[-] File Deleted : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\searchplugins\11-suche.xml
[-] File Deleted : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage
[-] File Deleted : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage-journal
[-] File Deleted : \user.js

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Key Deleted : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Conduit
[-] Key Deleted : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\euask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.euask.com

***** [ Web browsers ] *****

[-] [C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[-] [C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[-] [C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.firetab.org/?type=ds3hp
[-] [C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.firetab.org/?type=ds3hp

*************************

:: "Tracing" keys deleted
:: Proxy settings cleared
:: Winsock settings cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

\AdwCleaner\AdwCleaner[C1].txt - [5411 bytes] - [12/06/2016 20:51:04]
\AdwCleaner\AdwCleaner[S1].txt - [5828 bytes] - [12/06/2016 20:42:13]

########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [5553 bytes] ##########
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-06-2016 01
Ran by Sandra Nicola (administrator) on SCHNUBBI (12-06-2016 21:32:34)
Running from C:\Users\Sany\Desktop
Loaded Profiles: Sandra Nicola & Sany & UpdatusUser (Available Profiles: Sandra Nicola & Sany & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE
(Miranda IM) C:\Program Files (x86)\MirandaFusion\miranda32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2016-04-09] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe [168336 2016-01-21] (AVAST Software)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] => "C:\Windows\is-SAIVE.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] => "C:\Windows\is-F60Q9.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000003] => "C:\Windows\is-AEUAP.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [BingSvc] => C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [ABBYY Screenshot Reader Bonus] => "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Amazon Music] => C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Dropbox Update] => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [GoogleChromeAutoLaunch_26CFC6DA14F856D58D6B043755960AA3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
Startup: C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk [2015-04-22]
ShortcutTarget: Launch Jawbone Updater.lnk -> C:\Program Files (x86)\Jawbone\LaunchJU.exe ()
Startup: C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CA6C2E5B-F789-438E-98CC-4F038A4F400C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://de.ogame.gameforge.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-09-19]
CHR Extension: (Adblock Plus) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-09-19]
CHR Extension: (Tampermonkey) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-19]
CHR Extension: (Bookmark Manager) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-19]
CHR Extension: (AntiGameOrigin) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2015-04-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-09] (ELAN Microelectronics Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579904 2015-04-30] (WiseCleaner.com)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 楗敳潂瑯獁楳瑳湡t; 㩃停潲牧浡䘠汩獥⠠㡸⤶坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-08-15] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-12] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-25] () [File not signed]
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2014-12-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2610808 2011-04-06] (Sunplus Technology)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S3 WiseHDInfo; C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com) [File not signed]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 21:25 - 2016-06-12 21:26 - 00037335 _____ C:\Users\Sany\Desktop\Addition.txt
2016-06-12 21:23 - 2016-06-12 21:32 - 00024661 _____ C:\Users\Sany\Desktop\FRST.txt
2016-06-12 21:23 - 2016-06-12 21:32 - 00000000 ____D C:\FRST
2016-06-12 21:23 - 2016-06-12 21:23 - 02385408 _____ (Farbar) C:\Users\Sany\Desktop\FRST64.exe
2016-06-12 20:38 - 2016-06-12 20:51 - 00000000 ____D C:\AdwCleaner
2016-06-12 20:38 - 2016-06-12 20:38 - 03677248 _____ C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
2016-06-12 20:00 - 2016-06-12 20:01 - 12893312 _____ (Lenovo Group Limited ) C:\Users\Sany\Desktop\g3ad03ww.exe
2016-06-12 16:34 - 2016-06-12 16:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2016-06-12 16:34 - 2011-04-06 16:02 - 00002759 _____ C:\Windows\Remove.ini
2016-06-12 16:34 - 2011-04-06 14:02 - 02610808 _____ (Sunplus Technology) C:\Windows\system32\Drivers\SPUVCBv_x64.sys
2016-06-12 16:34 - 2011-03-17 14:47 - 00213368 _____ (Dext5xx) C:\Windows\system32\DextUVCB_x64.ax
2016-06-12 16:34 - 2011-03-17 14:47 - 00193400 _____ (Dext5xx) C:\Windows\SysWOW64\DextUVCB.ax
2016-06-12 16:34 - 2010-12-21 15:08 - 00087096 _____ C:\Windows\un_dext.exe
2016-06-12 16:34 - 2010-12-20 13:42 - 00281976 _____ (Sunplusit) C:\Windows\system32\CoInstaller_x64.dll
2016-06-12 16:34 - 2010-11-19 14:28 - 00087928 _____ C:\Windows\SPRemove_x64.exe
2016-06-12 16:34 - 2010-08-18 00:28 - 00026136 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
2016-06-12 16:34 - 2010-07-19 14:42 - 00003400 _____ C:\Windows\Dext_25.ini
2016-06-12 16:34 - 2010-07-19 14:41 - 00002964 _____ C:\Windows\Dext_13.ini
2016-06-12 16:34 - 2010-07-19 14:40 - 00002992 _____ C:\Windows\Dext_01.ini
2016-06-12 16:34 - 2010-07-19 14:39 - 00002944 _____ C:\Windows\Dext_09.ini
2016-06-12 16:34 - 2010-07-19 14:38 - 00003036 _____ C:\Windows\Dext_29.ini
2016-06-12 16:34 - 2010-07-19 14:37 - 00002376 _____ C:\Windows\Dext_18.ini
2016-06-12 16:34 - 2010-07-19 14:35 - 00003176 _____ C:\Windows\Dext_07.ini
2016-06-12 16:34 - 2010-07-19 14:34 - 00003124 _____ C:\Windows\Dext_19.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003386 _____ C:\Windows\Dext_12.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003180 _____ C:\Windows\Dext_16.ini
2016-06-12 16:34 - 2010-07-19 14:32 - 00003250 _____ C:\Windows\Dext_10.ini
2016-06-12 16:34 - 2010-07-19 14:31 - 00003148 _____ C:\Windows\Dext_22.ini
2016-06-12 16:34 - 2010-07-19 14:30 - 00002446 _____ C:\Windows\Dext_17.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002544 _____ C:\Windows\Dext_04.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002314 _____ C:\Windows\Dext_52.ini
2016-06-12 16:33 - 2016-05-03 05:07 - 04181288 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-06-12 16:31 - 2015-05-26 20:02 - 05375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-12 16:31 - 2015-05-26 20:00 - 00017082 _____ C:\Windows\system32\iglhxs64.vp
2016-06-12 16:31 - 2015-05-26 19:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-06-12 16:31 - 2015-05-26 19:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00000268 _____ C:\Windows\system32\GfxUI.exe.config
2016-06-12 16:31 - 2015-05-26 19:50 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2016-06-12 16:31 - 2015-05-26 19:50 - 00059425 _____ C:\Windows\system32\iglhxo64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059398 _____ C:\Windows\system32\iglhxg64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059230 _____ C:\Windows\system32\iglhxc64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2016-06-12 16:30 - 2015-06-04 21:20 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 01049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00101376 _____ C:\Windows\system32\igdde64.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00081408 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 10811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-06-12 16:30 - 2015-05-26 19:51 - 13028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-12 16:29 - 2016-06-12 16:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-06-12 16:29 - 2015-06-04 21:21 - 05906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00444008 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00401512 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00173672 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\system32\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\system32\igvpkrng600.bin
2016-06-12 16:29 - 2014-12-11 22:56 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-06-12 16:29 - 2014-01-30 17:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-12 16:28 - 2016-06-12 16:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2016-06-12 16:27 - 2016-06-12 16:28 - 00000000 ____D C:\Program Files\Elantech
2016-06-12 16:27 - 2015-09-09 22:00 - 00062672 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller15005.dll
2016-06-12 16:27 - 2015-09-09 21:59 - 00577096 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-12 16:24 - 2016-06-03 07:29 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 06064046 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-12 16:24 - 2016-06-03 07:29 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 05111040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-12 16:24 - 2016-06-03 07:29 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03199744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03096248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-12 16:24 - 2016-06-03 07:29 - 02060032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 01355616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088320 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 05339552 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01061120 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00371456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-12 16:23 - 2015-09-17 11:42 - 00463112 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00646408 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00030960 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-06-12 16:22 - 2016-06-12 16:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-12 16:22 - 2016-03-29 07:01 - 00181304 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-06-12 16:21 - 2014-01-10 13:13 - 00082128 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiSDa.sys
2016-06-12 16:21 - 2013-10-29 23:15 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2016-06-12 15:50 - 2016-06-12 15:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf
2016-06-12 15:50 - 2013-07-23 16:23 - 00059088 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00072280 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdbd.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00021080 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdmp.sys
2016-06-12 15:42 - 2016-06-12 15:42 - 03652640 _____ C:\Users\Sany\Desktop\SDI_R454.zip
2016-06-12 15:42 - 2016-06-12 15:42 - 00000000 ____D C:\Users\Sany\Desktop\SDI_R454
2016-06-12 15:39 - 2016-06-12 16:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-12 15:39 - 2016-06-12 15:39 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00001041 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00000000 ____D C:\Users\Sandra Nicola\AppData\Roaming\TeamViewer
2016-06-08 21:43 - 2016-06-12 20:51 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-08 21:15 - 2016-06-08 21:15 - 00000000 ____D C:\Users\Sandra Nicola\Downloads\pkeyuibx_v1.5.0
2016-06-08 19:11 - 2016-06-12 12:17 - 00000000 ____D C:\Users\Public\Downloads\Windows 7 Ultimate
2016-06-08 17:13 - 2016-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-07 22:26 - 2016-06-07 22:27 - 858866918 _____ C:\Users\Sany\Desktop\Monsieur_Claude_und_seine_Toechter_16.06.04_20-15_sat1_120_TVOON_DE.mpg.avi
2016-06-04 13:23 - 2016-06-04 13:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:18 - 2016-06-05 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-29 17:55 - 2016-05-29 17:55 - 00000000 ____D C:\Users\Sany\AppData\Roaming\mp3DirectCut
2016-05-13 16:36 - 2016-06-10 23:03 - 00000000 ____D C:\Users\Sany\Desktop\Shopping Queen

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 21:24 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-12 21:24 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-12 21:20 - 2012-08-30 21:23 - 00007620 _____ C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2016-06-12 21:18 - 2014-01-04 17:26 - 00000000 ___RD C:\Users\Sany\Documents\Dropbox
2016-06-12 21:18 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Skype
2016-06-12 21:18 - 2012-08-29 21:46 - 00000000 ____D C:\Users\Sandra Nicola
2016-06-12 21:15 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Local\Sidebar7
2016-06-12 21:14 - 2015-11-04 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-12 21:14 - 2012-08-29 22:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-12 21:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-12 21:12 - 2012-08-29 22:54 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-12 21:01 - 2012-08-29 23:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-12 21:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-12 20:48 - 2012-08-30 07:36 - 00697522 _____ C:\Windows\system32\perfh007.dat
2016-06-12 20:48 - 2012-08-30 07:36 - 00149458 _____ C:\Windows\system32\perfc007.dat
2016-06-12 20:48 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-12 20:44 - 2015-06-16 17:01 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job
2016-06-12 19:49 - 2013-08-30 23:11 - 00000000 ____D C:\Users\Sany\AppData\Roaming\vlc
2016-06-12 19:40 - 2013-02-26 21:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-12 19:30 - 2012-08-29 22:57 - 00000000 ____D C:\Dolby PCEE4
2016-06-12 19:21 - 2015-07-10 09:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-12 17:44 - 2015-06-16 17:01 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job
2016-06-12 16:47 - 2013-08-30 23:00 - 00109680 _____ C:\Users\Sany\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\system32\NV
2016-06-12 16:37 - 2016-05-10 11:32 - 00412840 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-12 16:26 - 2012-08-29 22:57 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-12 10:06 - 2014-04-05 19:49 - 00000000 ____D C:\Users\Sany\Desktop\Drucken
2016-06-12 09:17 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-09 22:05 - 2015-12-16 01:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-09 22:05 - 2012-09-02 14:46 - 00000000 ____D C:\ProgramData\Skype
2016-06-09 21:58 - 2013-04-12 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 20:44 - 2012-09-09 11:53 - 00000000 ____D C:\Users\Sany\Desktop\Siedler
2016-06-06 20:55 - 2012-08-29 23:13 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 12:31 - 2013-08-30 22:57 - 00000000 ____D C:\Users\Sany\AppData\Roaming\DVDVideoSoft
2016-06-06 11:57 - 2013-08-30 23:27 - 00000000 ____D C:\Users\Sany\Documents\Rezepte
2016-06-05 18:02 - 2013-09-08 13:57 - 00000000 ____D C:\Users\Sany\AppData\Local\FreePDF_XP
2016-06-04 13:23 - 2014-01-04 17:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Dropbox
2016-06-04 09:53 - 2015-07-09 10:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 10:48 - 2016-03-20 10:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 10:48 - 2015-04-05 10:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-24 23:14 - 2015-02-12 11:55 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 21:07 - 2013-08-30 23:54 - 00000000 ____D C:\Users\Sany\Documents\Steuerfälle
2016-05-14 02:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-14 01:27 - 2014-12-15 22:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 23:15 - 2015-09-23 22:59 - 00000078 _____ C:\Users\Sany\Desktop\Schulden.txt
2016-05-13 10:14 - 2015-11-04 09:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 10:14 - 2012-08-30 22:13 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 10:14 - 2012-08-30 22:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-08-29 22:04 - 2012-08-29 22:04 - 0004264 _____ () C:\Users\Sandra Nicola\AppData\Local\HWVendorDetection.log
2012-08-30 21:23 - 2016-06-12 21:20 - 0007620 _____ () C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2012-10-02 17:17 - 2016-05-02 08:58 - 0000211 _____ () C:\ProgramData\acer.zip
2016-06-12 16:25 - 2016-06-12 16:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Sany\biing2.exe


Some files in TEMP:
====================
C:\Users\Sandra Nicola\AppData\Local\Temp\libeay32.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\msvcr120.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\sqlite3.dll
C:\Users\Sany\AppData\Local\Temp\gkey.exe
C:\Users\Sany\AppData\Local\Temp\pkeyui.exe
C:\Users\Sany\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-10 14:17

==================== End of FRST.txt ============================
         

14.06.2016, 22:06   #2
burningice
/// Malwareteam
 
My name is Rafael and I will help you with the cleanup.

So that I can help you as well as possible, please follow these rules:
  • Please read my posts through completely before you work through them
  • If a problem comes up or something is unclear to you, stop what you are doing and describe it as precisely as possible.
  • Please no crossposting
  • Do not install or uninstall any software unless asked to
  • Please use only the tools mentioned here in the thread and run them only as instructed
  • Please reply within 24h so that a meaningful cleanup is possible
  • Always post the logs in CODE tags (# button); if necessary, simply split the logs up
  • Important: Just because your problem is suddenly fixed after one step does not mean that your PC is clean. Keep going until I tell you that your PC is "clean"
  • If I do not reply to you within 36h, please send me a private message!
Here we go

Step: 1
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.


Step: 2
Please start FRST again, tick the Addition box and press Scan (Untersuchen). Please post the two text files that result again.

15.06.2016, 21:19   #3
Ecronika
 

Code:
22:02:33.0892 0x1cf8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:02:38.0044 0x1cf8  ============================================================
22:02:38.0044 0x1cf8  Current date / time: 2016/06/15 22:02:38.0044
22:02:38.0044 0x1cf8  SystemInfo:
22:02:38.0044 0x1cf8  
22:02:38.0044 0x1cf8  OS Version: 6.1.7601 ServicePack: 1.0
22:02:38.0044 0x1cf8  Product type: Workstation
22:02:38.0045 0x1cf8  ComputerName: SCHNUBBI
22:02:38.0045 0x1cf8  UserName: Sandra Nicola
22:02:38.0045 0x1cf8  Windows directory: C:\Windows
22:02:38.0045 0x1cf8  System windows directory: C:\Windows
22:02:38.0045 0x1cf8  Running under WOW64
22:02:38.0045 0x1cf8  Processor architecture: Intel x64
22:02:38.0045 0x1cf8  Number of processors: 4
22:02:38.0045 0x1cf8  Page size: 0x1000
22:02:38.0045 0x1cf8  Boot type: Normal boot
22:02:38.0045 0x1cf8  ============================================================
22:02:41.0712 0x1cf8  KLMD registered as C:\Windows\system32\drivers\16813129.sys
22:02:42.0234 0x1cf8  System UUID: {7EF02DFB-89BF-74FC-055D-0DC866F0D1FD}
22:02:43.0584 0x1cf8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:02:43.0592 0x1cf8  ============================================================
22:02:43.0592 0x1cf8  \Device\Harddisk0\DR0:
22:02:43.0592 0x1cf8  MBR partitions:
22:02:43.0592 0x1cf8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:02:43.0592 0x1cf8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000
22:02:43.0592 0x1cf8  ============================================================
22:02:43.0615 0x1cf8  C: <-> \Device\Harddisk0\DR0\Partition2
22:02:43.0720 0x1cf8  ============================================================
22:02:43.0720 0x1cf8  Initialize success
22:02:43.0720 0x1cf8  ============================================================
22:02:57.0453 0x1bb0  ============================================================
22:02:57.0453 0x1bb0  Scan started
22:02:57.0453 0x1bb0  Mode: Manual; SigCheck; TDLFS; 
22:02:57.0453 0x1bb0  ============================================================
22:02:57.0454 0x1bb0  KSN ping started
22:03:11.0269 0x1bb0  KSN ping finished: true
22:03:15.0679 0x1bb0  ================ Scan system memory ========================
22:03:15.0680 0x1bb0  System memory - ok
22:03:15.0681 0x1bb0  ================ Scan services =============================
22:03:15.0876 0x1bb0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:03:16.0550 0x1bb0  1394ohci - ok
22:03:16.0690 0x1bb0  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
22:03:16.0713 0x1bb0  AAV UpdateService - ok
22:03:16.0771 0x1bb0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:03:16.0866 0x1bb0  ACPI - ok
22:03:16.0930 0x1bb0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:03:17.0117 0x1bb0  AcpiPmi - ok
22:03:17.0232 0x1bb0  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:03:17.0256 0x1bb0  AdobeARMservice - ok
22:03:17.0396 0x1bb0  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:03:17.0445 0x1bb0  AdobeFlashPlayerUpdateSvc - ok
22:03:17.0516 0x1bb0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:03:17.0648 0x1bb0  adp94xx - ok
22:03:17.0695 0x1bb0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:03:17.0791 0x1bb0  adpahci - ok
22:03:17.0846 0x1bb0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:03:17.0937 0x1bb0  adpu320 - ok
22:03:17.0978 0x1bb0  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:03:18.0079 0x1bb0  AeLookupSvc - ok
22:03:18.0151 0x1bb0  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
22:03:18.0334 0x1bb0  AFD - ok
22:03:18.0381 0x1bb0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:03:18.0457 0x1bb0  agp440 - ok
22:03:18.0506 0x1bb0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:03:18.0616 0x1bb0  ALG - ok
22:03:18.0661 0x1bb0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:03:18.0728 0x1bb0  aliide - ok
22:03:18.0752 0x1bb0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:03:18.0842 0x1bb0  amdide - ok
22:03:18.0886 0x1bb0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:03:18.0994 0x1bb0  AmdK8 - ok
22:03:19.0021 0x1bb0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:03:19.0150 0x1bb0  AmdPPM - ok
22:03:19.0196 0x1bb0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:03:19.0419 0x1bb0  amdsata - ok
22:03:19.0464 0x1bb0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:03:19.0558 0x1bb0  amdsbs - ok
22:03:19.0601 0x1bb0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:03:19.0646 0x1bb0  amdxata - ok
22:03:19.0689 0x1bb0  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
22:03:19.0886 0x1bb0  AppID - ok
22:03:19.0923 0x1bb0  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:03:19.0978 0x1bb0  AppIDSvc - ok
22:03:20.0032 0x1bb0  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
22:03:20.0126 0x1bb0  Appinfo - ok
22:03:20.0182 0x1bb0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:03:20.0282 0x1bb0  AppMgmt - ok
22:03:20.0337 0x1bb0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:03:20.0439 0x1bb0  arc - ok
22:03:20.0474 0x1bb0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:03:20.0548 0x1bb0  arcsas - ok
22:03:20.0684 0x1bb0  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:03:20.0789 0x1bb0  aspnet_state - ok
22:03:20.0858 0x1bb0  [ 1694434F5B9AB16772C7A8E2EF9134CA, B84FA624EB6D438BB01AB886AE85FA42BEA46F2E33454C6C4D9078015813CDB5 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
22:03:20.0910 0x1bb0  aswHwid - ok
22:03:20.0947 0x1bb0  [ 786E8BCDFF674068F3C950615FC2E71C, B5803960297F9622F594EC113FF6C89221606FC6B26B02EA6F021BE38AA66794 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
22:03:20.0999 0x1bb0  aswKbd - ok
22:03:21.0052 0x1bb0  [ 33D0DD0471FDF449C81338863FC63978, D5898B51B3BCE43E62D459CE808888085D82A4B9B284F90E3301CEF7C33C03E4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
22:03:21.0111 0x1bb0  aswMonFlt - ok
22:03:21.0146 0x1bb0  [ DF190688D993A3DB227BFB0BB40BD7D4, C7EDA64AE84001089AE2085B8336B7572DEDDCC80EAAA05D73C9C675CAD8C511 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
22:03:21.0257 0x1bb0  aswRdr - ok
22:03:21.0335 0x1bb0  [ D873455DFA27680585AE238503917DF5, CAD9CBCD24F33FF8E49C77C795F8FE0540243E455A6FC9E3035B8C15C9EEBD6C ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
22:03:21.0400 0x1bb0  aswRvrt - ok
22:03:21.0499 0x1bb0  [ A371A06EC8F4830C263D3F5CA5A11B65, 62E55DD439C106184F3AF73198D5CEAB5828A0EE1E30A13C35103B1B57966AB6 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
22:03:21.0844 0x1bb0  aswSnx - ok
22:03:22.0023 0x1bb0  [ 6B7F6CE19A16240EE9DE2C528897ED9C, 3B7C24F5B152B408D87DA70B01AD2E744DCB877D46602C0620931FCADB275E17 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
22:03:22.0186 0x1bb0  aswSP - ok
22:03:22.0240 0x1bb0  [ 3575F9226251DE48E065ED5C384A21EF, 032F53FEEB0BB43F1AD673EE13F507D3A8AC10F78543EA1294C40BAA918ED323 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
22:03:22.0278 0x1bb0  aswStm - ok
22:03:22.0350 0x1bb0  [ BA4CDCD8C0395E91C38CD2C5CE3E7FA2, EF037C9C62F67C3D4432C86E3F568F62AABF468C792EA75477FCBC8EC8151C29 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
22:03:22.0470 0x1bb0  aswVmm - ok
22:03:22.0512 0x1bb0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:03:22.0752 0x1bb0  AsyncMac - ok
22:03:22.0778 0x1bb0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:03:22.0830 0x1bb0  atapi - ok
22:03:23.0115 0x1bb0  [ D9CDF35CEC701536606ECCD66868210A, C0999048AA7E8E5E26F39B82A41AAA44DD9482724012755AB259209AED214673 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
22:03:23.0602 0x1bb0  athr - ok
22:03:23.0685 0x1bb0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:03:23.0871 0x1bb0  AudioEndpointBuilder - ok
22:03:23.0913 0x1bb0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:03:23.0998 0x1bb0  AudioSrv - ok
22:03:24.0140 0x1bb0  [ A24AF1F8186B4B69D54DCC4B059CA695, 882338FEF206231B9FD83787A8685A7B69D76A414923B511A8D6A7619CB86F87 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:03:24.0190 0x1bb0  avast! Antivirus - ok
22:03:24.0223 0x1bb0  AvastVBoxSvc - ok
22:03:24.0287 0x1bb0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:03:24.0429 0x1bb0  AxInstSV - ok
22:03:24.0536 0x1bb0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:03:24.0718 0x1bb0  b06bdrv - ok
22:03:24.0772 0x1bb0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:03:24.0981 0x1bb0  b57nd60a - ok
22:03:25.0040 0x1bb0  [ 0630C8915B747E88E825CE7F73B66A5D, E9B465EE23487B59B1C906B04F9235B0BFBF254C1760E2462A7D1D7FE1655088 ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
22:03:25.0091 0x1bb0  b57xdbd - ok
22:03:25.0217 0x1bb0  [ CA8457E528E13B38F8DC3B86B6BA4C6B, 532E48BBBA806608EBEFE10A94DCE2BFE8918D8DD6DEF6871F44FEEDA51238B8 ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
22:03:25.0276 0x1bb0  b57xdmp - ok
22:03:25.0335 0x1bb0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:03:25.0441 0x1bb0  BDESVC - ok
22:03:25.0471 0x1bb0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:03:25.0596 0x1bb0  Beep - ok
22:03:25.0698 0x1bb0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:03:25.0818 0x1bb0  BFE - ok
22:03:25.0907 0x1bb0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:03:26.0219 0x1bb0  BITS - ok
22:03:26.0257 0x1bb0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:03:26.0385 0x1bb0  blbdrive - ok
22:03:26.0421 0x1bb0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:03:26.0600 0x1bb0  bowser - ok
22:03:26.0627 0x1bb0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:03:26.0765 0x1bb0  BrFiltLo - ok
22:03:26.0787 0x1bb0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:03:26.0881 0x1bb0  BrFiltUp - ok
22:03:26.0940 0x1bb0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:03:27.0035 0x1bb0  Browser - ok
22:03:27.0074 0x1bb0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:03:27.0261 0x1bb0  Brserid - ok
22:03:27.0285 0x1bb0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:03:27.0407 0x1bb0  BrSerWdm - ok
22:03:27.0446 0x1bb0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:03:27.0529 0x1bb0  BrUsbMdm - ok
22:03:27.0566 0x1bb0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:03:27.0684 0x1bb0  BrUsbSer - ok
22:03:27.0735 0x1bb0  [ F4598EF1BE59937A578F3F68724552A7, 67F2B580462A925583F272BBF664BF2042D2E2B18B1CB21B994B12A9B6288779 ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
22:03:27.0793 0x1bb0  bScsiMSa - ok
22:03:27.0842 0x1bb0  [ D4F7DB4F009E9CFB06678307199282C3, 87FA4BFA624E1C623B52B8EE4661275275932F1E8C102A90841D2F7249B0DE41 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
22:03:28.0077 0x1bb0  bScsiSDa - ok
22:03:28.0114 0x1bb0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:03:28.0243 0x1bb0  BTHMODEM - ok
22:03:28.0297 0x1bb0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:03:28.0376 0x1bb0  bthserv - ok
22:03:28.0417 0x1bb0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:03:28.0617 0x1bb0  cdfs - ok
22:03:28.0675 0x1bb0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:03:28.0810 0x1bb0  cdrom - ok
22:03:28.0854 0x1bb0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:03:28.0959 0x1bb0  CertPropSvc - ok
22:03:29.0007 0x1bb0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:03:29.0079 0x1bb0  circlass - ok
22:03:29.0128 0x1bb0  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:03:29.0217 0x1bb0  CLFS - ok
22:03:29.0290 0x1bb0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:03:29.0315 0x1bb0  clr_optimization_v2.0.50727_32 - ok
22:03:29.0354 0x1bb0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:03:29.0383 0x1bb0  clr_optimization_v2.0.50727_64 - ok
22:03:29.0474 0x1bb0  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:03:29.0646 0x1bb0  clr_optimization_v4.0.30319_32 - ok
22:03:29.0674 0x1bb0  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:03:29.0796 0x1bb0  clr_optimization_v4.0.30319_64 - ok
22:03:29.0933 0x1bb0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:03:30.0146 0x1bb0  CmBatt - ok
22:03:30.0179 0x1bb0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:03:30.0407 0x1bb0  cmdide - ok
22:03:30.0472 0x1bb0  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:03:30.0612 0x1bb0  CNG - ok
22:03:30.0655 0x1bb0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:03:30.0697 0x1bb0  Compbatt - ok
22:03:30.0724 0x1bb0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:03:30.0847 0x1bb0  CompositeBus - ok
22:03:30.0868 0x1bb0  COMSysApp - ok
22:03:30.0980 0x1bb0  [ 79D9B8D55C088D909B1A0F46797F852E, 0D233A40BF2459ADF32FF6A4D4E1706B9BE02E9EB38B8A712C7E762F10110B31 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:03:31.0024 0x1bb0  cphs - ok
22:03:31.0059 0x1bb0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:03:31.0124 0x1bb0  crcdisk - ok
22:03:31.0180 0x1bb0  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:03:31.0278 0x1bb0  CryptSvc - ok
22:03:31.0345 0x1bb0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
22:03:31.0513 0x1bb0  CSC - ok
22:03:31.0575 0x1bb0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
22:03:31.0680 0x1bb0  CscService - ok
22:03:31.0766 0x1bb0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:03:31.0882 0x1bb0  DcomLaunch - ok
22:03:31.0926 0x1bb0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:03:32.0043 0x1bb0  defragsvc - ok
22:03:32.0088 0x1bb0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:03:32.0479 0x1bb0  DfsC - ok
22:03:32.0606 0x1bb0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:03:32.0717 0x1bb0  Dhcp - ok
22:03:32.0868 0x1bb0  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:03:33.0045 0x1bb0  DiagTrack - ok
22:03:33.0158 0x1bb0  [ 045135BAA14040385E1EEA31669E47F4, 7B3B6A420D2CD96B557824C743CE574C5691726D40B5B50588CCEDF9C26025BF ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
22:03:33.0208 0x1bb0  DigitalWave.Update.Service - ok
22:03:33.0232 0x1bb0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:03:33.0366 0x1bb0  discache - ok
22:03:33.0414 0x1bb0  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
22:03:33.0489 0x1bb0  Disk - ok
22:03:33.0526 0x1bb0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
22:03:33.0643 0x1bb0  dmvsc - ok
22:03:33.0690 0x1bb0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:03:33.0798 0x1bb0  Dnscache - ok
22:03:33.0850 0x1bb0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:03:33.0974 0x1bb0  dot3svc - ok
22:03:34.0045 0x1bb0  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
22:03:34.0191 0x1bb0  dot4 - ok
22:03:34.0313 0x1bb0  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:03:34.0392 0x1bb0  Dot4Print - ok
22:03:34.0470 0x1bb0  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
22:03:34.0563 0x1bb0  dot4usb - ok
22:03:34.0637 0x1bb0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:03:34.0758 0x1bb0  DPS - ok
22:03:34.0854 0x1bb0  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:03:34.0993 0x1bb0  drmkaud - ok
22:03:35.0108 0x1bb0  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:03:35.0311 0x1bb0  DXGKrnl - ok
22:03:35.0366 0x1bb0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:03:35.0486 0x1bb0  EapHost - ok
22:03:35.0732 0x1bb0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:03:35.0975 0x1bb0  ebdrv - ok
22:03:36.0025 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] EFS             C:\Windows\System32\lsass.exe
22:03:36.0075 0x1bb0  EFS - ok
22:03:36.0173 0x1bb0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:03:36.0302 0x1bb0  ehRecvr - ok
22:03:36.0337 0x1bb0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:03:36.0428 0x1bb0  ehSched - ok
22:03:36.0497 0x1bb0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:03:36.0601 0x1bb0  elxstor - ok
22:03:36.0741 0x1bb0  [ 8E12D885D17EC5FA4F52D2C6E953E285, A39F9FF88A6401030FCDE47E4504A297FB590751C74627181EC42F1E298CED8E ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
22:03:36.0814 0x1bb0  ePowerSvc - ok
22:03:36.0911 0x1bb0  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
22:03:36.0954 0x1bb0  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
22:03:39.0777 0x1bb0  Detect skipped due to KSN trusted
22:03:39.0777 0x1bb0  EpsonBidirectionalService - ok
22:03:39.0903 0x1bb0  [ 194E8100D57FC13BEF88129BAAD07E46, 745D24ADD99ED182FCCA30C6B85167484B74D3EFD631AF92AA57AAD73F474631 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
22:03:39.0932 0x1bb0  EPSON_PM_RPCV4_04 - ok
22:03:39.0951 0x1bb0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:03:40.0080 0x1bb0  ErrDev - ok
22:03:40.0205 0x1bb0  [ DDCCBE95C557EC0123C3B076C8780048, E9EAD059B307F90EF61FB1B3EFCFBD8AA3DDCBC624B1AE7FCE4D72FFD111E48B ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
22:03:40.0381 0x1bb0  ETD - ok
22:03:40.0513 0x1bb0  [ A7A5318DA5F9FEA3AE82DFD0970DD509, 69F08F2F8EFA411AFF8C34A70EDB2B0168E9263EDA3072E2AE47011F2E6770B4 ] ETDService      C:\Program Files\Elantech\ETDService.exe
22:03:40.0547 0x1bb0  ETDService - ok
22:03:40.0618 0x1bb0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:03:40.0757 0x1bb0  EventSystem - ok
22:03:40.0816 0x1bb0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:03:40.0983 0x1bb0  exfat - ok
22:03:41.0009 0x1bb0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:03:41.0155 0x1bb0  fastfat - ok
22:03:41.0260 0x1bb0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:03:41.0394 0x1bb0  Fax - ok
22:03:41.0425 0x1bb0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:03:41.0548 0x1bb0  fdc - ok
22:03:41.0592 0x1bb0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:03:41.0680 0x1bb0  fdPHost - ok
22:03:41.0702 0x1bb0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:03:41.0809 0x1bb0  FDResPub - ok
22:03:41.0877 0x1bb0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:03:41.0966 0x1bb0  FileInfo - ok
22:03:41.0991 0x1bb0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:03:42.0127 0x1bb0  Filetrace - ok
22:03:42.0155 0x1bb0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:03:42.0259 0x1bb0  flpydisk - ok
22:03:42.0296 0x1bb0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:03:42.0384 0x1bb0  FltMgr - ok
22:03:42.0482 0x1bb0  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
22:03:42.0632 0x1bb0  FontCache - ok
22:03:42.0704 0x1bb0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:03:42.0733 0x1bb0  FontCache3.0.0.0 - ok
22:03:42.0764 0x1bb0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:03:42.0842 0x1bb0  FsDepends - ok
22:03:42.0908 0x1bb0  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
22:03:43.0061 0x1bb0  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
22:03:45.0867 0x1bb0  Detect skipped due to KSN trusted
22:03:45.0867 0x1bb0  FsUsbExDisk - ok
22:03:45.0909 0x1bb0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:03:45.0947 0x1bb0  Fs_Rec - ok
22:03:46.0005 0x1bb0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:03:46.0088 0x1bb0  fvevol - ok
22:03:46.0114 0x1bb0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:03:46.0205 0x1bb0  gagp30kx - ok
22:03:46.0286 0x1bb0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:03:46.0448 0x1bb0  gpsvc - ok
22:03:46.0560 0x1bb0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:03:46.0586 0x1bb0  gupdate - ok
22:03:46.0596 0x1bb0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:03:46.0616 0x1bb0  gupdatem - ok
22:03:46.0643 0x1bb0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:03:46.0764 0x1bb0  hcw85cir - ok
22:03:46.0829 0x1bb0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:03:46.0938 0x1bb0  HdAudAddService - ok
22:03:47.0025 0x1bb0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:03:47.0092 0x1bb0  HDAudBus - ok
22:03:47.0117 0x1bb0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:03:47.0214 0x1bb0  HidBatt - ok
22:03:47.0245 0x1bb0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:03:47.0363 0x1bb0  HidBth - ok
22:03:47.0407 0x1bb0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:03:47.0520 0x1bb0  HidIr - ok
22:03:47.0559 0x1bb0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:03:47.0666 0x1bb0  hidserv - ok
22:03:47.0746 0x1bb0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:03:47.0860 0x1bb0  HidUsb - ok
22:03:47.0897 0x1bb0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:03:48.0016 0x1bb0  hkmsvc - ok
22:03:48.0062 0x1bb0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:03:48.0155 0x1bb0  HomeGroupListener - ok
22:03:48.0201 0x1bb0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:03:48.0273 0x1bb0  HomeGroupProvider - ok
22:03:48.0341 0x1bb0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:03:48.0383 0x1bb0  HpSAMD - ok
22:03:48.0464 0x1bb0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:03:48.0700 0x1bb0  HTTP - ok
22:03:48.0739 0x1bb0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:03:48.0786 0x1bb0  hwpolicy - ok
22:03:48.0810 0x1bb0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:03:48.0883 0x1bb0  i8042prt - ok
22:03:48.0960 0x1bb0  [ 53CC5BF8B5A219119953C7ABB19A7705, F342A9732978D893729EA2591CB72E5F5BD1B3E6C9E4DBFFE54EC866E534A8C0 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:03:49.0055 0x1bb0  iaStor - ok
22:03:49.0123 0x1bb0  [ D639EB19578CD425A2F0C068F9E4EBAF, 3359383B784EA41E1CA5A1617F6B60B4AAEF5B4972E5CF42743DFB9385694E10 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
22:03:49.0237 0x1bb0  iaStorA - ok
22:03:49.0302 0x1bb0  [ F56B762E4E00B6365EE8E971EB442FA6, 93C3E451EDA7AA3E54CA6E58CDEDED8D2E724118859FBE49BC7AEF4A689E60CE ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
22:03:49.0349 0x1bb0  iaStorF - ok
22:03:49.0416 0x1bb0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:03:49.0506 0x1bb0  iaStorV - ok
22:03:49.0563 0x1bb0  [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT          C:\Windows\system32\DRIVERS\ICCWDT.sys
22:03:49.0630 0x1bb0  ICCWDT - ok
22:03:49.0742 0x1bb0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:03:49.0824 0x1bb0  idsvc - ok
22:03:49.0890 0x1bb0  IEEtwCollectorService - ok
22:03:50.0273 0x1bb0  [ 536B77DB736D848C41616E861940807B, B1C46BB55AC7EDC0CFE1179A9FCC21FD199CB4BD6A786C58965A1CE9C43BCF51 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:03:50.0873 0x1bb0  igfx - ok
22:03:50.0915 0x1bb0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:03:50.0966 0x1bb0  iirsp - ok
22:03:51.0080 0x1bb0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:03:51.0191 0x1bb0  IKEEXT - ok
22:03:51.0885 0x1bb0  [ 048A8274D23D1C1586BEF1CFE84CFA8E, ECD0D1DB9CF190189F721DD2536E0E84BD7372B8DC0C11972752AF776EE70A1C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:03:52.0558 0x1bb0  IntcAzAudAddService - ok
22:03:52.0648 0x1bb0  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:03:52.0706 0x1bb0  IntcDAud - ok
22:03:52.0744 0x1bb0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:03:52.0798 0x1bb0  intelide - ok
22:03:52.0893 0x1bb0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:03:53.0003 0x1bb0  intelppm - ok
22:03:53.0041 0x1bb0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:03:53.0133 0x1bb0  IPBusEnum - ok
22:03:53.0197 0x1bb0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:03:53.0280 0x1bb0  IpFilterDriver - ok
22:03:53.0362 0x1bb0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:03:53.0686 0x1bb0  iphlpsvc - ok
22:03:53.0706 0x1bb0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:03:53.0821 0x1bb0  IPMIDRV - ok
22:03:53.0847 0x1bb0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:03:54.0032 0x1bb0  IPNAT - ok
22:03:54.0069 0x1bb0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:03:54.0162 0x1bb0  IRENUM - ok
22:03:54.0223 0x1bb0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:03:54.0263 0x1bb0  isapnp - ok
22:03:54.0308 0x1bb0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:03:54.0371 0x1bb0  iScsiPrt - ok
22:03:54.0463 0x1bb0  [ 779010324CCB6B974C4D737DDAABB2D5, 3D8591069D02F0888517C54A4C52E3174771EE86D3DA272C14FCE1B27DCB8613 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
22:03:54.0535 0x1bb0  k57nd60a - ok
22:03:54.0550 0x1bb0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:03:54.0598 0x1bb0  kbdclass - ok
22:03:54.0644 0x1bb0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:03:54.0718 0x1bb0  kbdhid - ok
22:03:54.0749 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] KeyIso          C:\Windows\system32\lsass.exe
22:03:54.0776 0x1bb0  KeyIso - ok
22:03:54.0823 0x1bb0  [ 0878723427BA190E5ABA5AA0112FA4D4, E332C83D3F4DF71761AA3DAC2C721FC2029F71ECC88A66E175BA56510855C4D4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:03:54.0891 0x1bb0  KSecDD - ok
22:03:54.0927 0x1bb0  [ C08CCCE2BE68D04E6C142614736959DA, AEC0AFC5C28DDC14DD6918BB6E236FA1C85CC30D69DA9AE40F9962D88248040F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:03:54.0981 0x1bb0  KSecPkg - ok
22:03:55.0021 0x1bb0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:03:55.0126 0x1bb0  ksthunk - ok
22:03:55.0194 0x1bb0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:03:55.0297 0x1bb0  KtmRm - ok
22:03:55.0366 0x1bb0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:03:55.0479 0x1bb0  LanmanServer - ok
22:03:55.0543 0x1bb0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:03:55.0654 0x1bb0  LanmanWorkstation - ok
22:03:55.0723 0x1bb0  [ C7D21310EA0A644AA6394DE1E46E3D31, 597F27A2696F945FD6388CA62D5EE98E44694F477F57EF8A68C2151B2276E838 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
22:03:55.0771 0x1bb0  libusb0 - ok
22:03:55.0834 0x1bb0  [ 93B73DED2BC688F140C6AE2FBAD45789, B6859BC5D309B99BCCDC3717108B714497AAE9C5B26CE5B201344A41FC4CFF9D ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
22:03:55.0870 0x1bb0  Live Updater Service - ok
22:03:55.0908 0x1bb0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:03:56.0042 0x1bb0  lltdio - ok
22:03:56.0101 0x1bb0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:03:56.0237 0x1bb0  lltdsvc - ok
22:03:56.0264 0x1bb0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:03:56.0369 0x1bb0  lmhosts - ok
22:03:56.0464 0x1bb0  [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:03:56.0506 0x1bb0  LMS - ok
22:03:56.0553 0x1bb0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:03:56.0610 0x1bb0  LSI_FC - ok
22:03:56.0639 0x1bb0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:03:56.0692 0x1bb0  LSI_SAS - ok
22:03:56.0712 0x1bb0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:03:56.0764 0x1bb0  LSI_SAS2 - ok
22:03:56.0799 0x1bb0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:03:56.0862 0x1bb0  LSI_SCSI - ok
22:03:56.0890 0x1bb0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:03:57.0022 0x1bb0  luafv - ok
22:03:57.0081 0x1bb0  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:03:57.0151 0x1bb0  MBAMSwissArmy - ok
22:03:57.0197 0x1bb0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:03:57.0295 0x1bb0  Mcx2Svc - ok
22:03:57.0340 0x1bb0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:03:57.0384 0x1bb0  megasas - ok
22:03:57.0420 0x1bb0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:03:57.0506 0x1bb0  MegaSR - ok
22:03:57.0573 0x1bb0  [ 009B44AA87EBFB87B3D3BB22097DFE73, 267298E3B1FBB9587E8691DC6EAB61AB5F6D2CE7F43B0797EA4E198E704FB7A6 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
22:03:57.0619 0x1bb0  MEIx64 - ok
22:03:57.0646 0x1bb0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:03:57.0740 0x1bb0  MMCSS - ok
22:03:57.0775 0x1bb0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:03:57.0896 0x1bb0  Modem - ok
22:03:57.0941 0x1bb0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:03:58.0000 0x1bb0  monitor - ok
22:03:58.0034 0x1bb0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:03:58.0143 0x1bb0  mouclass - ok
22:03:58.0170 0x1bb0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:03:58.0371 0x1bb0  mouhid - ok
22:03:58.0416 0x1bb0  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:03:58.0478 0x1bb0  mountmgr - ok
22:03:58.0558 0x1bb0  [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:03:58.0594 0x1bb0  MozillaMaintenance - ok
22:03:58.0635 0x1bb0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:03:58.0689 0x1bb0  mpio - ok
22:03:58.0708 0x1bb0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:03:58.0848 0x1bb0  mpsdrv - ok
22:03:58.0940 0x1bb0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:03:59.0133 0x1bb0  MpsSvc - ok
22:03:59.0192 0x1bb0  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:03:59.0302 0x1bb0  MRxDAV - ok
22:03:59.0346 0x1bb0  [ 035C0A9A63DF3F3A52B90D8F6BF0F166, F409C8A31156E31A6D16D2B34EEE3098CE0D76A4DB7B49810EDDA2E2E19B2E26 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:03:59.0421 0x1bb0  mrxsmb - ok
22:03:59.0471 0x1bb0  [ 8308FC2E9147D7632221E3279BB14660, 3051FF91493FD03B7EDD4EDB23B2DE8DD7E03D46E231BC5925502BE98E78B1CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:03:59.0555 0x1bb0  mrxsmb10 - ok
22:03:59.0578 0x1bb0  [ 1F8DA4ECAEA7E2BCD97E738795817431, FBEF64C7067F5AFF864EF7E220C8A47AC43EB0BFD9A4E4C908F9D9D159AC5139 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:03:59.0635 0x1bb0  mrxsmb20 - ok
22:03:59.0664 0x1bb0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:03:59.0708 0x1bb0  msahci - ok
22:03:59.0742 0x1bb0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:03:59.0798 0x1bb0  msdsm - ok
22:03:59.0819 0x1bb0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:03:59.0887 0x1bb0  MSDTC - ok
22:03:59.0941 0x1bb0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:04:00.0127 0x1bb0  Msfs - ok
22:04:00.0160 0x1bb0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:04:00.0304 0x1bb0  mshidkmdf - ok
22:04:00.0334 0x1bb0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:04:00.0387 0x1bb0  msisadrv - ok
22:04:00.0445 0x1bb0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:04:00.0563 0x1bb0  MSiSCSI - ok
22:04:00.0571 0x1bb0  msiserver - ok
22:04:00.0625 0x1bb0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:04:00.0719 0x1bb0  MSKSSRV - ok
22:04:00.0734 0x1bb0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:04:00.0863 0x1bb0  MSPCLOCK - ok
22:04:00.0898 0x1bb0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:04:01.0048 0x1bb0  MSPQM - ok
22:04:01.0089 0x1bb0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:04:01.0179 0x1bb0  MsRPC - ok
22:04:01.0233 0x1bb0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:04:01.0281 0x1bb0  mssmbios - ok
22:04:01.0311 0x1bb0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:04:01.0490 0x1bb0  MSTEE - ok
22:04:01.0510 0x1bb0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:04:01.0564 0x1bb0  MTConfig - ok
22:04:01.0597 0x1bb0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:04:01.0645 0x1bb0  Mup - ok
22:04:01.0697 0x1bb0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:04:01.0793 0x1bb0  napagent - ok
22:04:01.0862 0x1bb0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:04:01.0970 0x1bb0  NativeWifiP - ok
22:04:02.0081 0x1bb0  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:04:02.0214 0x1bb0  NDIS - ok
22:04:02.0256 0x1bb0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:04:02.0385 0x1bb0  NdisCap - ok
22:04:02.0443 0x1bb0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:04:02.0555 0x1bb0  NdisTapi - ok
22:04:02.0579 0x1bb0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:04:02.0707 0x1bb0  Ndisuio - ok
22:04:02.0757 0x1bb0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:04:02.0863 0x1bb0  NdisWan - ok
22:04:02.0880 0x1bb0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:04:03.0042 0x1bb0  NDProxy - ok
22:04:03.0061 0x1bb0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:04:03.0169 0x1bb0  NetBIOS - ok
22:04:03.0225 0x1bb0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:04:03.0375 0x1bb0  NetBT - ok
22:04:03.0406 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon        C:\Windows\system32\lsass.exe
22:04:03.0437 0x1bb0  Netlogon - ok
22:04:03.0491 0x1bb0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:04:03.0629 0x1bb0  Netman - ok
22:04:03.0728 0x1bb0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:04:03.0779 0x1bb0  NetMsmqActivator - ok
22:04:03.0793 0x1bb0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:04:03.0835 0x1bb0  NetPipeActivator - ok
22:04:03.0891 0x1bb0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:04:04.0038 0x1bb0  netprofm - ok
22:04:04.0053 0x1bb0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:04:04.0092 0x1bb0  NetTcpActivator - ok
22:04:04.0106 0x1bb0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:04:04.0144 0x1bb0  NetTcpPortSharing - ok
22:04:04.0186 0x1bb0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:04:04.0250 0x1bb0  nfrd960 - ok
22:04:04.0310 0x1bb0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:04:04.0377 0x1bb0  NlaSvc - ok
22:04:04.0417 0x1bb0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:04:04.0552 0x1bb0  Npfs - ok
22:04:04.0586 0x1bb0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:04:04.0719 0x1bb0  nsi - ok
22:04:04.0770 0x1bb0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:04:04.0957 0x1bb0  nsiproxy - ok
22:04:05.0112 0x1bb0  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:04:05.0317 0x1bb0  Ntfs - ok
22:04:05.0355 0x1bb0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:04:05.0487 0x1bb0  Null - ok
22:04:06.0350 0x1bb0  [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:04:07.0397 0x1bb0  nvlddmkm - ok
22:04:07.0479 0x1bb0  [ 3F403A74349FCE04DF8D7BE24E6A02BD, 0167E289725DB55BEE2792CF8366B62FB6B209C9B815F687C4DAC388125223C3 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
22:04:07.0544 0x1bb0  nvpciflt - ok
22:04:07.0592 0x1bb0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:04:07.0652 0x1bb0  nvraid - ok
22:04:07.0702 0x1bb0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:04:07.0765 0x1bb0  nvstor - ok
22:04:07.0869 0x1bb0  [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:04:07.0986 0x1bb0  nvsvc - ok
22:04:08.0225 0x1bb0  [ 815290E27B7B7D12AF013638819BE1B6, 83078B422954BBF9FFEF606EB1788EC78A1F69E7FF99F0588B72A07873797C98 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:04:08.0391 0x1bb0  nvUpdatusService - ok
22:04:08.0444 0x1bb0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:04:08.0533 0x1bb0  nv_agp - ok
22:04:08.0639 0x1bb0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:04:08.0690 0x1bb0  odserv - ok
22:04:08.0719 0x1bb0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:04:08.0775 0x1bb0  ohci1394 - ok
22:04:08.0872 0x1bb0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:04:08.0905 0x1bb0  ose - ok
22:04:08.0974 0x1bb0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:04:09.0097 0x1bb0  p2pimsvc - ok
22:04:09.0178 0x1bb0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:04:09.0265 0x1bb0  p2psvc - ok
22:04:09.0314 0x1bb0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:04:09.0396 0x1bb0  Parport - ok
22:04:09.0436 0x1bb0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:04:09.0481 0x1bb0  partmgr - ok
22:04:09.0545 0x1bb0  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:04:09.0649 0x1bb0  PcaSvc - ok
22:04:09.0696 0x1bb0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:04:09.0752 0x1bb0  pci - ok
22:04:09.0793 0x1bb0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:04:09.0852 0x1bb0  pciide - ok
22:04:09.0886 0x1bb0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:04:09.0944 0x1bb0  pcmcia - ok
22:04:09.0968 0x1bb0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:04:10.0021 0x1bb0  pcw - ok
22:04:10.0083 0x1bb0  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:04:10.0181 0x1bb0  PEAUTH - ok
22:04:10.0319 0x1bb0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:04:10.0439 0x1bb0  PeerDistSvc - ok
22:04:10.0516 0x1bb0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:04:10.0582 0x1bb0  PerfHost - ok
22:04:10.0704 0x1bb0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:04:10.0884 0x1bb0  pla - ok
22:04:10.0974 0x1bb0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:04:11.0070 0x1bb0  PlugPlay - ok
22:04:11.0107 0x1bb0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:04:11.0144 0x1bb0  PNRPAutoReg - ok
22:04:11.0171 0x1bb0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:04:11.0217 0x1bb0  PNRPsvc - ok
22:04:11.0277 0x1bb0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:04:11.0407 0x1bb0  PolicyAgent - ok
22:04:11.0484 0x1bb0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:04:11.0595 0x1bb0  Power - ok
22:04:11.0659 0x1bb0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:04:11.0813 0x1bb0  PptpMiniport - ok
22:04:11.0833 0x1bb0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:04:11.0912 0x1bb0  Processor - ok
22:04:11.0967 0x1bb0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:04:12.0063 0x1bb0  ProfSvc - ok
22:04:12.0084 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:04:12.0110 0x1bb0  ProtectedStorage - ok
22:04:12.0143 0x1bb0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:04:12.0277 0x1bb0  Psched - ok
22:04:12.0386 0x1bb0  [ 595A22C4CCE855E72D475835F3DF2D53, E931AED5294B1FF36082C111331A38DCF867FCC8C3B392C31061777EEDA3A896 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
22:04:12.0459 0x1bb0  pwdrvio - ok
22:04:12.0537 0x1bb0  [ 70EB529F6FEDAC79D0A8E3BB79999277, 69A42429E7B3E0AACD2897B9E9B74D17534D2BE6C8A39D96413295D9223457CA ] pwdspio         C:\Windows\system32\pwdspio.sys
22:04:12.0603 0x1bb0  pwdspio - ok
22:04:12.0731 0x1bb0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:04:12.0911 0x1bb0  ql2300 - ok
22:04:12.0950 0x1bb0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:04:13.0001 0x1bb0  ql40xx - ok
22:04:13.0037 0x1bb0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:04:13.0102 0x1bb0  QWAVE - ok
22:04:13.0147 0x1bb0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:04:13.0212 0x1bb0  QWAVEdrv - ok
22:04:13.0239 0x1bb0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:04:13.0345 0x1bb0  RasAcd - ok
22:04:13.0420 0x1bb0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:04:13.0552 0x1bb0  RasAgileVpn - ok
22:04:13.0605 0x1bb0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:04:13.0694 0x1bb0  RasAuto - ok
22:04:13.0731 0x1bb0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:04:13.0852 0x1bb0  Rasl2tp - ok
22:04:13.0901 0x1bb0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:04:14.0003 0x1bb0  RasMan - ok
22:04:14.0036 0x1bb0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:04:14.0161 0x1bb0  RasPppoe - ok
22:04:14.0224 0x1bb0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:04:14.0377 0x1bb0  RasSstp - ok
22:04:14.0435 0x1bb0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:04:14.0588 0x1bb0  rdbss - ok
22:04:14.0610 0x1bb0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:04:14.0696 0x1bb0  rdpbus - ok
22:04:14.0734 0x1bb0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:04:14.0823 0x1bb0  RDPCDD - ok
22:04:14.0875 0x1bb0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:04:14.0948 0x1bb0  RDPDR - ok
22:04:14.0964 0x1bb0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:04:15.0090 0x1bb0  RDPENCDD - ok
22:04:15.0162 0x1bb0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:04:15.0291 0x1bb0  RDPREFMP - ok
22:04:15.0322 0x1bb0  [ 065F79543D7999EC28B687F87E96B803, 6B235C422DCA79ABF0D051C066B2866643333F7ADB7AF914F6EEAC448AA59AAF ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:04:15.0419 0x1bb0  RdpVideoMiniport - ok
22:04:15.0464 0x1bb0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:04:15.0584 0x1bb0  RDPWD - ok
22:04:15.0619 0x1bb0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:04:15.0675 0x1bb0  rdyboost - ok
22:04:15.0706 0x1bb0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:04:15.0815 0x1bb0  RemoteAccess - ok
22:04:15.0867 0x1bb0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:04:15.0966 0x1bb0  RemoteRegistry - ok
22:04:15.0991 0x1bb0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:04:16.0077 0x1bb0  RpcEptMapper - ok
22:04:16.0105 0x1bb0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:04:16.0167 0x1bb0  RpcLocator - ok
22:04:16.0250 0x1bb0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
22:04:16.0310 0x1bb0  RpcSs - ok
22:04:16.0363 0x1bb0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:04:16.0533 0x1bb0  rspndr - ok
22:04:16.0570 0x1bb0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:04:16.0645 0x1bb0  s3cap - ok
22:04:16.0686 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] SamSs           C:\Windows\system32\lsass.exe
22:04:16.0719 0x1bb0  SamSs - ok
22:04:16.0749 0x1bb0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:04:16.0793 0x1bb0  sbp2port - ok
22:04:16.0839 0x1bb0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:04:16.0935 0x1bb0  SCardSvr - ok
22:04:16.0954 0x1bb0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:04:17.0072 0x1bb0  scfilter - ok
22:04:17.0175 0x1bb0  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
22:04:17.0328 0x1bb0  Schedule - ok
22:04:17.0370 0x1bb0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:04:17.0469 0x1bb0  SCPolicySvc - ok
22:04:17.0511 0x1bb0  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
22:04:17.0604 0x1bb0  sdbus - ok
22:04:17.0657 0x1bb0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:04:17.0754 0x1bb0  SDRSVC - ok
22:04:17.0799 0x1bb0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] Secdrv          C:\Windows\system32\drivers\SECDRV.SYS
22:04:17.0898 0x1bb0  Secdrv - ok
22:04:17.0940 0x1bb0  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
22:04:17.0980 0x1bb0  seclogon - ok
22:04:18.0008 0x1bb0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:04:18.0100 0x1bb0  SENS - ok
22:04:18.0123 0x1bb0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:04:18.0204 0x1bb0  SensrSvc - ok
22:04:18.0285 0x1bb0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:04:18.0358 0x1bb0  Serenum - ok
22:04:18.0428 0x1bb0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:04:18.0514 0x1bb0  Serial - ok
22:04:18.0553 0x1bb0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:04:18.0624 0x1bb0  sermouse - ok
22:04:18.0698 0x1bb0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:04:18.0807 0x1bb0  SessionEnv - ok
22:04:18.0847 0x1bb0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
22:04:18.0903 0x1bb0  sffdisk - ok
22:04:18.0932 0x1bb0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:04:19.0012 0x1bb0  sffp_mmc - ok
22:04:19.0043 0x1bb0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
22:04:19.0118 0x1bb0  sffp_sd - ok
22:04:19.0154 0x1bb0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:04:19.0236 0x1bb0  sfloppy - ok
22:04:19.0298 0x1bb0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:04:19.0424 0x1bb0  SharedAccess - ok
22:04:19.0490 0x1bb0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:04:19.0624 0x1bb0  ShellHWDetection - ok
22:04:19.0667 0x1bb0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:04:19.0706 0x1bb0  SiSRaid2 - ok
22:04:19.0735 0x1bb0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:04:19.0789 0x1bb0  SiSRaid4 - ok
22:04:19.0855 0x1bb0  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:04:19.0899 0x1bb0  SkypeUpdate - ok
22:04:19.0953 0x1bb0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:04:20.0065 0x1bb0  Smb - ok
22:04:20.0089 0x1bb0  [ BE07CEC32D00032A7F6BC463BF057333, E529664382A1FD6D1040DCE6E4BD69456106978BD553A4E7D0FFAB01E9E8E14A ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
22:04:20.0110 0x1bb0  SmbDrvI - ok
22:04:20.0162 0x1bb0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:04:20.0223 0x1bb0  SNMPTRAP - ok
22:04:20.0294 0x1bb0  [ 12583AF6CBE0050651EAF2723B3AD7B3, 965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB ] speedfan        C:\Windows\syswow64\speedfan.sys
22:04:20.0339 0x1bb0  speedfan - ok
22:04:20.0367 0x1bb0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:04:20.0413 0x1bb0  spldr - ok
22:04:20.0479 0x1bb0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:04:20.0556 0x1bb0  Spooler - ok
22:04:20.0791 0x1bb0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:04:21.0103 0x1bb0  sppsvc - ok
22:04:21.0162 0x1bb0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:04:21.0245 0x1bb0  sppuinotify - ok
22:04:21.0462 0x1bb0  [ 51796577C8178BA752D474EB9F752FB0, 5AD6696794DAC666A3F4C9A0A0460F5061080724A5DFA6CAC3FA494F256CEFAD ] SPUVCbv         C:\Windows\system32\Drivers\SPUVCbv_x64.sys
22:04:21.0734 0x1bb0  SPUVCbv - ok
22:04:21.0800 0x1bb0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:04:21.0951 0x1bb0  srv - ok
22:04:21.0989 0x1bb0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:04:22.0077 0x1bb0  srv2 - ok
22:04:22.0101 0x1bb0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:04:22.0244 0x1bb0  srvnet - ok
22:04:22.0292 0x1bb0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:04:22.0386 0x1bb0  SSDPSRV - ok
22:04:22.0406 0x1bb0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:04:22.0524 0x1bb0  SstpSvc - ok
22:04:22.0567 0x1bb0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:04:22.0615 0x1bb0  stexstor - ok
22:04:22.0681 0x1bb0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:04:22.0781 0x1bb0  stisvc - ok
22:04:22.0827 0x1bb0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:04:22.0872 0x1bb0  storflt - ok
22:04:22.0924 0x1bb0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:04:22.0963 0x1bb0  storvsc - ok
22:04:22.0986 0x1bb0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:04:23.0032 0x1bb0  swenum - ok
22:04:23.0094 0x1bb0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:04:23.0206 0x1bb0  swprv - ok
22:04:23.0263 0x1bb0  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
22:04:23.0317 0x1bb0  Synth3dVsc - ok
22:04:23.0417 0x1bb0  [ EF51B22706DB03F0857FADE127C804EC, F3A97B8D94E96ACF93448CDF33DED97B076C3D8FFE42E9EAD088EE662306277B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:04:23.0515 0x1bb0  SynTP - ok
22:04:23.0663 0x1bb0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
22:04:23.0850 0x1bb0  SysMain - ok
22:04:23.0879 0x1bb0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:04:23.0922 0x1bb0  TabletInputService - ok
22:04:23.0959 0x1bb0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:04:24.0090 0x1bb0  TapiSrv - ok
22:04:24.0249 0x1bb0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:04:24.0464 0x1bb0  Tcpip - ok
22:04:24.0605 0x1bb0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:04:24.0799 0x1bb0  TCPIP6 - ok
22:04:24.0859 0x1bb0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:04:24.0912 0x1bb0  tcpipreg - ok
22:04:24.0949 0x1bb0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:04:25.0013 0x1bb0  TDPIPE - ok
22:04:25.0040 0x1bb0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:04:25.0116 0x1bb0  TDTCP - ok
22:04:25.0150 0x1bb0  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:04:25.0205 0x1bb0  tdx - ok
22:04:25.0888 0x1bb0  [ D6DDCFFF145CB7D334EECC2F9A8E304F, DC2E19A799F336DF299460C8DB4EE0B2597ADC6C4728F2BB3BBCFA1192BE809C ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
22:04:26.0536 0x1bb0  TeamViewer - ok
22:04:26.0624 0x1bb0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:04:26.0674 0x1bb0  TermDD - ok
22:04:26.0698 0x1bb0  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
22:04:26.0763 0x1bb0  terminpt - ok
22:04:26.0843 0x1bb0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:04:26.0938 0x1bb0  TermService - ok
22:04:26.0971 0x1bb0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:04:27.0055 0x1bb0  Themes - ok
22:04:27.0093 0x1bb0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:04:27.0178 0x1bb0  THREADORDER - ok
22:04:27.0273 0x1bb0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:04:27.0396 0x1bb0  TrkWks - ok
22:04:27.0486 0x1bb0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:04:27.0576 0x1bb0  TrustedInstaller - ok
22:04:27.0618 0x1bb0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:04:27.0727 0x1bb0  tssecsrv - ok
22:04:27.0771 0x1bb0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:04:27.0884 0x1bb0  TsUsbFlt - ok
22:04:27.0914 0x1bb0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:04:27.0991 0x1bb0  TsUsbGD - ok
22:04:28.0046 0x1bb0  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
22:04:28.0112 0x1bb0  tsusbhub - ok
22:04:28.0168 0x1bb0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:04:28.0321 0x1bb0  tunnel - ok
22:04:28.0356 0x1bb0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:04:28.0405 0x1bb0  uagp35 - ok
22:04:28.0444 0x1bb0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:04:28.0710 0x1bb0  udfs - ok
22:04:28.0771 0x1bb0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:04:28.0935 0x1bb0  UI0Detect - ok
22:04:29.0005 0x1bb0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:04:29.0078 0x1bb0  uliagpkx - ok
22:04:29.0129 0x1bb0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:04:29.0227 0x1bb0  umbus - ok
22:04:29.0252 0x1bb0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:04:29.0346 0x1bb0  UmPass - ok
22:04:29.0379 0x1bb0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:04:29.0442 0x1bb0  UmRdpService - ok
22:04:29.0724 0x1bb0  [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:04:29.0920 0x1bb0  UNS - ok
22:04:29.0997 0x1bb0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:04:30.0095 0x1bb0  upnphost - ok
22:04:30.0147 0x1bb0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:04:30.0221 0x1bb0  usbccgp - ok
22:04:30.0274 0x1bb0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:04:30.0334 0x1bb0  usbcir - ok
22:04:30.0371 0x1bb0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:04:30.0424 0x1bb0  usbehci - ok
22:04:30.0468 0x1bb0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:04:30.0559 0x1bb0  usbhub - ok
22:04:30.0602 0x1bb0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:04:30.0671 0x1bb0  usbohci - ok
22:04:30.0722 0x1bb0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:04:30.0788 0x1bb0  usbprint - ok
22:04:30.0829 0x1bb0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:04:30.0922 0x1bb0  usbscan - ok
22:04:30.0952 0x1bb0  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:04:31.0063 0x1bb0  USBSTOR - ok
22:04:31.0108 0x1bb0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:04:31.0158 0x1bb0  usbuhci - ok
22:04:31.0226 0x1bb0  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:04:31.0357 0x1bb0  usbvideo - ok
22:04:31.0391 0x1bb0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:04:31.0482 0x1bb0  UxSms - ok
22:04:31.0498 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] VaultSvc        C:\Windows\system32\lsass.exe
22:04:31.0532 0x1bb0  VaultSvc - ok
22:04:31.0611 0x1bb0  VBoxAswDrv - ok
22:04:31.0656 0x1bb0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:04:31.0705 0x1bb0  vdrvroot - ok
22:04:31.0763 0x1bb0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:04:31.0927 0x1bb0  vds - ok
22:04:31.0965 0x1bb0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:04:32.0051 0x1bb0  vga - ok
22:04:32.0091 0x1bb0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:04:32.0192 0x1bb0  VgaSave - ok
22:04:32.0199 0x1bb0  VGPU - ok
22:04:32.0241 0x1bb0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:04:32.0305 0x1bb0  vhdmp - ok
22:04:32.0339 0x1bb0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:04:32.0397 0x1bb0  viaide - ok
22:04:32.0436 0x1bb0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:04:32.0496 0x1bb0  vmbus - ok
22:04:32.0521 0x1bb0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:04:32.0564 0x1bb0  VMBusHID - ok
22:04:32.0593 0x1bb0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:04:32.0652 0x1bb0  volmgr - ok
22:04:32.0688 0x1bb0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:04:32.0760 0x1bb0  volmgrx - ok
22:04:32.0809 0x1bb0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:04:32.0881 0x1bb0  volsnap - ok
22:04:32.0907 0x1bb0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:04:32.0962 0x1bb0  vsmraid - ok
22:04:33.0093 0x1bb0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:04:33.0323 0x1bb0  VSS - ok
22:04:33.0361 0x1bb0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:04:33.0467 0x1bb0  vwifibus - ok
22:04:33.0501 0x1bb0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:04:33.0558 0x1bb0  vwififlt - ok
22:04:33.0615 0x1bb0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:04:33.0720 0x1bb0  W32Time - ok
22:04:33.0748 0x1bb0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:04:33.0798 0x1bb0  WacomPen - ok
22:04:33.0833 0x1bb0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:04:33.0983 0x1bb0  WANARP - ok
22:04:33.0994 0x1bb0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:04:34.0096 0x1bb0  Wanarpv6 - ok
22:04:34.0231 0x1bb0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:04:34.0326 0x1bb0  WatAdminSvc - ok
22:04:34.0458 0x1bb0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:04:34.0666 0x1bb0  wbengine - ok
22:04:34.0715 0x1bb0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:04:34.0808 0x1bb0  WbioSrvc - ok
22:04:34.0855 0x1bb0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:04:34.0922 0x1bb0  wcncsvc - ok
22:04:34.0943 0x1bb0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:04:35.0027 0x1bb0  WcsPlugInService - ok
22:04:35.0065 0x1bb0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:04:35.0102 0x1bb0  Wd - ok
22:04:35.0178 0x1bb0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:04:35.0299 0x1bb0  Wdf01000 - ok
22:04:35.0333 0x1bb0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:04:35.0429 0x1bb0  WdiServiceHost - ok
22:04:35.0437 0x1bb0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:04:35.0465 0x1bb0  WdiSystemHost - ok
22:04:35.0502 0x1bb0  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
22:04:35.0567 0x1bb0  WebClient - ok
22:04:35.0616 0x1bb0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:04:35.0755 0x1bb0  Wecsvc - ok
22:04:35.0792 0x1bb0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:04:35.0938 0x1bb0  wercplsupport - ok
22:04:35.0980 0x1bb0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:04:36.0124 0x1bb0  WerSvc - ok
22:04:36.0212 0x1bb0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:04:36.0345 0x1bb0  WfpLwf - ok
22:04:36.0400 0x1bb0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:04:36.0445 0x1bb0  WIMMount - ok
22:04:36.0493 0x1bb0  WinDefend - ok
22:04:36.0534 0x1bb0  WinHttpAutoProxySvc - ok
22:04:36.0650 0x1bb0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:04:36.0790 0x1bb0  Winmgmt - ok
22:04:36.0988 0x1bb0  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
22:04:37.0468 0x1bb0  WinRM - ok
22:04:37.0556 0x1bb0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:04:37.0613 0x1bb0  WinUsb - ok
22:04:37.0655 0x1bb0  WiseBootAssistant - ok
22:04:37.0665 0x1bb0  WiseHDInfo - ok
22:04:37.0752 0x1bb0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:04:37.0851 0x1bb0  Wlansvc - ok
22:04:37.0883 0x1bb0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
22:04:37.0937 0x1bb0  WmiAcpi - ok
22:04:37.0989 0x1bb0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:04:38.0033 0x1bb0  wmiApSrv - ok
22:04:38.0084 0x1bb0  WMPNetworkSvc - ok
22:04:38.0112 0x1bb0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:04:38.0207 0x1bb0  WPCSvc - ok
22:04:38.0230 0x1bb0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:04:38.0286 0x1bb0  WPDBusEnum - ok
22:04:38.0320 0x1bb0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:04:38.0437 0x1bb0  ws2ifsl - ok
22:04:38.0492 0x1bb0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:04:38.0564 0x1bb0  wscsvc - ok
22:04:38.0571 0x1bb0  WSearch - ok
22:04:38.0779 0x1bb0  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:04:39.0248 0x1bb0  wuauserv - ok
22:04:39.0316 0x1bb0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:04:39.0407 0x1bb0  WudfPf - ok
22:04:39.0630 0x1bb0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:04:39.0748 0x1bb0  WUDFRd - ok
22:04:39.0785 0x1bb0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:04:39.0820 0x1bb0  wudfsvc - ok
22:04:39.0858 0x1bb0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:04:39.0973 0x1bb0  WwanSvc - ok
22:04:40.0008 0x1bb0  ================ Scan global ===============================
22:04:40.0043 0x1bb0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
22:04:40.0079 0x1bb0  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
22:04:40.0109 0x1bb0  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
22:04:40.0163 0x1bb0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:04:40.0223 0x1bb0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
22:04:40.0242 0x1bb0  [ Global ] - ok
22:04:40.0243 0x1bb0  ================ Scan MBR ==================================
22:04:40.0253 0x1bb0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:04:41.0142 0x1bb0  \Device\Harddisk0\DR0 - ok
22:04:41.0143 0x1bb0  ================ Scan VBR ==================================
22:04:41.0155 0x1bb0  [ CB42739463E3384D1EA2BA2D5ED1F706 ] \Device\Harddisk0\DR0\Partition1
22:04:41.0157 0x1bb0  \Device\Harddisk0\DR0\Partition1 - ok
22:04:41.0175 0x1bb0  [ 5311D0EDE184F2BCEB54E37F13990883 ] \Device\Harddisk0\DR0\Partition2
22:04:41.0177 0x1bb0  \Device\Harddisk0\DR0\Partition2 - ok
22:04:41.0178 0x1bb0  ================ Scan generic autorun ======================
22:04:42.0221 0x1bb0  [ 8626860A81DE4E1FE099D189E922EF65, E63911EA3127A21304187A2BE381F25C68236D89A7D666AC4E9D5C18A3EA4E34 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:04:43.0404 0x1bb0  RtHDVCpl - ok
22:04:43.0572 0x1bb0  [ 1056510ED7D1E9E32A64B302D8612E79, 8E6B251CAE361CC34268948D462D9913966EE8AB4D1845782736C631741E7C81 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:04:43.0684 0x1bb0  RtHDVBg - ok
22:04:43.0687 0x1bb0  SynTPEnh - ok
22:04:43.0793 0x1bb0  [ 5FDFB8E924219645DD26D0FC378F8182, F704AED82B60D1B38E523E46F9788A65EF50D58439784DA6BF90E1C299994652 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
22:04:43.0861 0x1bb0  Acer ePower Management - ok
22:04:43.0975 0x1bb0  [ 1056510ED7D1E9E32A64B302D8612E79, 8E6B251CAE361CC34268948D462D9913966EE8AB4D1845782736C631741E7C81 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:04:44.0077 0x1bb0  RtHDVBg_Dolby - ok
22:04:44.0080 0x1bb0  ETDCtrl - ok
22:04:44.0145 0x1bb0  [ C5D79C8D3C010A083C21A9612B4D906E, 141AB809E440F883258DEED979BEEE5B2C18E79BA9128F4C8BECE1FE79928937 ] C:\Windows\system32\igfxtray.exe
22:04:44.0180 0x1bb0  IgfxTray - ok
22:04:44.0230 0x1bb0  [ A0B03897D4A8DA274467C4B9FC292ACE, 077D3E4E7373D6165B0A7B0E168384BD397ED60A63D85341CEC6CCE72DF41507 ] C:\Windows\system32\hkcmd.exe
22:04:44.0283 0x1bb0  HotKeysCmds - ok
22:04:44.0332 0x1bb0  [ 1F963E569AD9764CACB397452F72608C, F97560022D07D433BA38CB4E9260346D6106493172CA994D864D0F63159F70BB ] C:\Windows\system32\igfxpers.exe
22:04:44.0386 0x1bb0  Persistence - ok
22:04:44.0434 0x1bb0  [ E4D27AA5E03A5A0A5CD598CFA07E5DFE, 482572511AAA38246A3EE61D900E8C3601A2B9F0F28DDAD973C2ECEBFE0DDED7 ] C:\Windows\System32\rstrui.exe
22:04:44.0525 0x1bb0  *Restore - ok
22:04:44.0575 0x1bb0  [ 8784236EED5079493DA9FC95B28B89F8, E59C349B964F585C27F63FBF7C1B5D7C6CF8CC958BD35100A36D57542DC13972 ] C:\Windows\SYSTEM32\WerFault.exe
22:04:44.0684 0x1bb0  *WerKernelReporting - ok
22:04:44.0688 0x1bb0  MSPCLOCK - ok
22:04:44.0692 0x1bb0  MSPQM - ok
22:04:44.0696 0x1bb0  MSKSSRV - ok
22:04:44.0700 0x1bb0  MSTEE.CxTransform - ok
22:04:44.0704 0x1bb0  MSTEE.Splitter - ok
22:04:44.0708 0x1bb0  WDM_DRMKAUD - ok
22:04:44.0787 0x1bb0  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
22:04:44.0843 0x1bb0  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
22:04:47.0643 0x1bb0  Detect skipped due to KSN trusted
22:04:47.0643 0x1bb0  FreePDF Assistant - ok
22:04:47.0803 0x1bb0  [ D3AC38E80E928CC61A22650E04423BB8, 8DB324E5BCC2A721EB0C48F0F3ECC21E49D6172A3BF8ACC55244C08FAEB3101C ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
22:04:47.0885 0x1bb0  EEventManager - ok
22:04:48.0399 0x1bb0  [ 2D6800E17FEBB51E3C75CD935E2BA8F5, 0831307B35FB346116B6DB67B8EF87384A1BF08A8EEEB6343560AA5C4EED2B23 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
22:04:49.0059 0x1bb0  AvastUI.exe - ok
22:04:49.0144 0x1bb0  [ 6513807FEE68E6C32E67437EE3FFB6C8, 2AB388BD68E984C38EAAF2D42DE918A64B42DA229627FC0B1A896A8AD60B5F91 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
22:04:49.0302 0x1bb0  SunJavaUpdateSched - ok
22:04:49.0425 0x1bb0  [ F825F2FC7E76DB86A9C5B0984221B5DB, BF526CCB010DB0CA9BA21E4615D17289D5A2F721884B181AE2316B8232DC4977 ] C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe
22:04:49.0459 0x1bb0  20150107 - ok
22:04:49.0587 0x1bb0  [ A9D047B4AB48D5A70CFBF3816ABCC5E4, E2DB14DB8CCA1145C6F738AF60BACA44B9E836B09C1D1279E0A0F33C63BF2EE7 ] C:\Windows\is-SAIVE.exe
22:04:49.0680 0x1bb0  InnoSetupRegFile.0000000001 - detected UnsignedFile.Multi.Generic ( 1 )
22:04:53.0317 0x1bb0  InnoSetupRegFile.0000000001 ( UnsignedFile.Multi.Generic ) - warning
22:04:56.0229 0x1bb0  [ A9D047B4AB48D5A70CFBF3816ABCC5E4, E2DB14DB8CCA1145C6F738AF60BACA44B9E836B09C1D1279E0A0F33C63BF2EE7 ] C:\Windows\is-F60Q9.exe
22:04:56.0327 0x1bb0  InnoSetupRegFile.0000000002 - detected UnsignedFile.Multi.Generic ( 1 )
22:04:56.0328 0x1bb0  InnoSetupRegFile.0000000002 ( UnsignedFile.Multi.Generic ) - warning
22:04:56.0328 0x1bb0  Force sending object to P2P due to detect: C:\Windows\is-F60Q9.exe
22:04:59.0202 0x1bb0  Object send P2P result: true
22:05:02.0056 0x1bb0  [ A9D047B4AB48D5A70CFBF3816ABCC5E4, E2DB14DB8CCA1145C6F738AF60BACA44B9E836B09C1D1279E0A0F33C63BF2EE7 ] C:\Windows\is-AEUAP.exe
22:05:02.0157 0x1bb0  InnoSetupRegFile.0000000003 - detected UnsignedFile.Multi.Generic ( 1 )
22:05:02.0157 0x1bb0  InnoSetupRegFile.0000000003 ( UnsignedFile.Multi.Generic ) - warning
22:05:04.0960 0x1bb0  [ 9CEE13DDCF207923A1849A8371E714E9, F1265E1065AEC5CC1397617F6EB9D6321A1B6B14447D4BA0FE23AC7532675403 ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
22:05:04.0981 0x1bb0   Malwarebytes Anti-Malware  (cleanup) - ok
22:05:05.0102 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:05.0267 0x1bb0  Sidebar - ok
22:05:05.0304 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:05.0348 0x1bb0  mctadmin - ok
22:05:05.0447 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:05.0571 0x1bb0  Sidebar - ok
22:05:05.0583 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:05.0628 0x1bb0  mctadmin - ok
22:05:05.0768 0x1bb0  [ 6CF0ACD321C93EB978C4908DEB79B7FB, 2B18A6C9A5418C4EA4289D896D1ECB17F66C9E7910AFB1F33B12712D15BE751A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
22:05:05.0839 0x1bb0  GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971 - ok
22:05:05.0885 0x1bb0  Skype - ok
22:05:06.0036 0x1bb0  [ 77C01F1850E55373280A1B865D824F58, EE1535A11A49BF578FC4D00096508FFD0C4E20EC164B3ABB92ED6E2800F831C8 ] C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe
22:05:06.0072 0x1bb0  BingSvc - ok
22:05:06.0318 0x1bb0  [ 10B531B9D0CBCCDD9B2C7C62036F8BE4, DA9C942C9446A219BB3B341E6F3D5EB8E18051FC09403CA2FCBCB814DFF20842 ] C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe
22:05:06.0432 0x1bb0  Miranda Fusion - detected UnsignedFile.Multi.Generic ( 1 )
22:05:09.0266 0x1bb0  Detect skipped due to KSN trusted
22:05:09.0266 0x1bb0  Miranda Fusion - ok
22:05:09.0314 0x1bb0  [ 598FF7C5F90CA2E6689DFBAC88C8E343, 83DF16B66B3FCB9706BA127A99EC073C76E1E04A524CF05D527FC8D0D292BF60 ] C:\AdwCleaner\AdwCleaner[C1].txt
22:05:09.0471 0x1bb0  Report - detected UnsignedFile.Multi.Generic ( 1 )
22:05:12.0277 0x1bb0  Report ( UnsignedFile.Multi.Generic ) - warning
22:05:15.0060 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:15.0154 0x1bb0  Sidebar - ok
22:05:15.0194 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:15.0251 0x1bb0  mctadmin - ok
22:05:15.0478 0x1bb0  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:05:15.0632 0x1bb0  Sidebar - ok
22:05:15.0639 0x1bb0  Skype - ok
22:05:15.0724 0x1bb0  [ 10B531B9D0CBCCDD9B2C7C62036F8BE4, DA9C942C9446A219BB3B341E6F3D5EB8E18051FC09403CA2FCBCB814DFF20842 ] C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe
22:05:15.0789 0x1bb0  Miranda Fusion - detected UnsignedFile.Multi.Generic ( 1 )
22:05:15.0789 0x1bb0  Detect skipped due to KSN trusted
22:05:15.0789 0x1bb0  Miranda Fusion - ok
22:05:16.0003 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:16.0101 0x1bb0  Sidebar - ok
22:05:16.0127 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:16.0174 0x1bb0  mctadmin - ok
22:05:16.0240 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:16.0332 0x1bb0  Sidebar - ok
22:05:16.0347 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:16.0395 0x1bb0  mctadmin - ok
22:05:16.0455 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:16.0558 0x1bb0  Sidebar - ok
22:05:16.0583 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:16.0632 0x1bb0  mctadmin - ok
22:05:16.0633 0x1bb0  Waiting for KSN requests completion. In queue: 1
22:05:17.0633 0x1bb0  Waiting for KSN requests completion. In queue: 1
22:05:18.0633 0x1bb0  Waiting for KSN requests completion. In queue: 1
22:05:19.0704 0x1bb0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41000 ( enabled : updated )
22:05:19.0727 0x1bb0  Win FW state via NFP2: enabled ( trusted )
22:05:26.0369 0x1bb0  ============================================================
22:05:26.0369 0x1bb0  Scan finished
22:05:26.0369 0x1bb0  ============================================================
22:05:26.0389 0x270c  Detected object count: 4
22:05:26.0390 0x270c  Actual detected object count: 4
22:06:40.0823 0x270c  InnoSetupRegFile.0000000001 ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:40.0824 0x270c  InnoSetupRegFile.0000000001 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:06:40.0827 0x270c  InnoSetupRegFile.0000000002 ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:40.0828 0x270c  InnoSetupRegFile.0000000002 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:06:40.0833 0x270c  InnoSetupRegFile.0000000003 ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:40.0833 0x270c  InnoSetupRegFile.0000000003 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:06:40.0835 0x270c  Report ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:40.0835 0x270c  Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Old 15.06.2016, 21:20   #4
Ecronika

System responds (responded) sluggishly, detections with Adwcleaner and Malwarebytes

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-06-2016
Ran by Sandra Nicola (administrator) on SCHNUBBI (15-06-2016 22:10:58)
Running from C:\Users\Sany\Desktop
Loaded Profiles: Sandra Nicola & Sany & UpdatusUser (Available Profiles: Sandra Nicola & Sany & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE
(Miranda IM) C:\Program Files (x86)\MirandaFusion\miranda32.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2016-04-09] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe [168336 2016-01-21] (AVAST Software)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] => "C:\Windows\is-SAIVE.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] => "C:\Windows\is-F60Q9.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000003] => "C:\Windows\is-AEUAP.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [BingSvc] => C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [ABBYY Screenshot Reader Bonus] => "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Amazon Music] => C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Dropbox Update] => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [GoogleChromeAutoLaunch_26CFC6DA14F856D58D6B043755960AA3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
Startup: C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CA6C2E5B-F789-438E-98CC-4F038A4F400C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF Extension: Classic Theme Restorer - C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-06-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]
FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Sany\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Sany\AppData\Roaming\Helper [2013-12-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://de.ogame.gameforge.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-09-19]
CHR Extension: (Adblock Plus) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-09-19]
CHR Extension: (Tampermonkey) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-19]
CHR Extension: (Bookmark Manager) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-19]
CHR Extension: (AntiGameOrigin) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2015-04-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-09] (ELAN Microelectronics Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-08-15] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-12] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-25] () [File not signed]
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2014-12-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2610808 2011-04-06] (Sunplus Technology)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WiseHDInfo; \??\C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-15 22:10 - 2016-06-15 22:11 - 00024354 _____ C:\Users\Sany\Desktop\FRST.txt
2016-06-15 22:09 - 2016-06-15 22:09 - 02385920 _____ (Farbar) C:\Users\Sany\Desktop\FRST64.exe
2016-06-15 22:02 - 2016-06-15 22:08 - 00227102 _____ C:\TDSSKiller.3.1.0.9_15.06.2016_22.02.33_log.txt
2016-06-15 21:58 - 2016-06-15 21:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Sany\Desktop\tdsskiller.exe
2016-06-15 21:15 - 2016-06-15 21:15 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-06-14 23:16 - 2016-06-14 23:16 - 00006254 _____ C:\Users\Sany\Desktop\Firefox Favs.txt
2016-06-12 21:23 - 2016-06-15 22:10 - 00000000 ____D C:\FRST
2016-06-12 20:38 - 2016-06-12 22:13 - 00000000 ____D C:\AdwCleaner
2016-06-12 16:34 - 2016-06-12 16:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2016-06-12 16:34 - 2011-04-06 16:02 - 00002759 _____ C:\Windows\Remove.ini
2016-06-12 16:34 - 2011-04-06 14:02 - 02610808 _____ (Sunplus Technology) C:\Windows\system32\Drivers\SPUVCBv_x64.sys
2016-06-12 16:34 - 2011-03-17 14:47 - 00213368 _____ (Dext5xx) C:\Windows\system32\DextUVCB_x64.ax
2016-06-12 16:34 - 2011-03-17 14:47 - 00193400 _____ (Dext5xx) C:\Windows\SysWOW64\DextUVCB.ax
2016-06-12 16:34 - 2010-12-21 15:08 - 00087096 _____ C:\Windows\un_dext.exe
2016-06-12 16:34 - 2010-12-20 13:42 - 00281976 _____ (Sunplusit) C:\Windows\system32\CoInstaller_x64.dll
2016-06-12 16:34 - 2010-11-19 14:28 - 00087928 _____ C:\Windows\SPRemove_x64.exe
2016-06-12 16:34 - 2010-08-18 00:28 - 00026136 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
2016-06-12 16:34 - 2010-07-19 14:42 - 00003400 _____ C:\Windows\Dext_25.ini
2016-06-12 16:34 - 2010-07-19 14:41 - 00002964 _____ C:\Windows\Dext_13.ini
2016-06-12 16:34 - 2010-07-19 14:40 - 00002992 _____ C:\Windows\Dext_01.ini
2016-06-12 16:34 - 2010-07-19 14:39 - 00002944 _____ C:\Windows\Dext_09.ini
2016-06-12 16:34 - 2010-07-19 14:38 - 00003036 _____ C:\Windows\Dext_29.ini
2016-06-12 16:34 - 2010-07-19 14:37 - 00002376 _____ C:\Windows\Dext_18.ini
2016-06-12 16:34 - 2010-07-19 14:35 - 00003176 _____ C:\Windows\Dext_07.ini
2016-06-12 16:34 - 2010-07-19 14:34 - 00003124 _____ C:\Windows\Dext_19.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003386 _____ C:\Windows\Dext_12.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003180 _____ C:\Windows\Dext_16.ini
2016-06-12 16:34 - 2010-07-19 14:32 - 00003250 _____ C:\Windows\Dext_10.ini
2016-06-12 16:34 - 2010-07-19 14:31 - 00003148 _____ C:\Windows\Dext_22.ini
2016-06-12 16:34 - 2010-07-19 14:30 - 00002446 _____ C:\Windows\Dext_17.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002544 _____ C:\Windows\Dext_04.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002314 _____ C:\Windows\Dext_52.ini
2016-06-12 16:33 - 2016-05-03 05:07 - 04181288 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-06-12 16:31 - 2015-05-26 20:02 - 05375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-12 16:31 - 2015-05-26 20:00 - 00017082 _____ C:\Windows\system32\iglhxs64.vp
2016-06-12 16:31 - 2015-05-26 19:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-06-12 16:31 - 2015-05-26 19:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00000268 _____ C:\Windows\system32\GfxUI.exe.config
2016-06-12 16:31 - 2015-05-26 19:50 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2016-06-12 16:31 - 2015-05-26 19:50 - 00059425 _____ C:\Windows\system32\iglhxo64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059398 _____ C:\Windows\system32\iglhxg64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059230 _____ C:\Windows\system32\iglhxc64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2016-06-12 16:30 - 2015-06-04 21:20 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 01049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00101376 _____ C:\Windows\system32\igdde64.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00081408 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 10811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-06-12 16:30 - 2015-05-26 19:51 - 13028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-12 16:29 - 2016-06-12 16:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-06-12 16:29 - 2015-06-04 21:21 - 05906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00444008 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00401512 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00173672 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\system32\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\system32\igvpkrng600.bin
2016-06-12 16:29 - 2014-12-11 22:56 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-06-12 16:29 - 2014-01-30 17:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-12 16:28 - 2016-06-12 16:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2016-06-12 16:27 - 2016-06-12 16:28 - 00000000 ____D C:\Program Files\Elantech
2016-06-12 16:27 - 2015-09-09 22:00 - 00062672 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller15005.dll
2016-06-12 16:27 - 2015-09-09 21:59 - 00577096 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-12 16:24 - 2016-06-03 07:29 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 06064046 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-12 16:24 - 2016-06-03 07:29 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 05111040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-12 16:24 - 2016-06-03 07:29 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03199744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03096248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-12 16:24 - 2016-06-03 07:29 - 02060032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 01355616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088320 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 05339552 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01061120 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00371456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-12 16:23 - 2015-09-17 11:42 - 00463112 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00646408 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00030960 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-06-12 16:22 - 2016-06-12 16:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-12 16:22 - 2016-03-29 07:01 - 00181304 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-06-12 16:21 - 2014-01-10 13:13 - 00082128 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiSDa.sys
2016-06-12 16:21 - 2013-10-29 23:15 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2016-06-12 15:50 - 2016-06-12 15:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf
2016-06-12 15:50 - 2013-07-23 16:23 - 00059088 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00072280 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdbd.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00021080 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdmp.sys
2016-06-12 15:42 - 2016-06-12 15:42 - 00000000 ____D C:\Users\Sany\Desktop\SDI_R454
2016-06-12 15:39 - 2016-06-12 16:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-12 15:39 - 2016-06-12 15:39 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00000000 ____D C:\Users\Sandra Nicola\AppData\Roaming\TeamViewer
2016-06-08 21:43 - 2016-06-12 20:51 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-08 21:15 - 2016-06-08 21:15 - 00000000 ____D C:\Users\Sandra Nicola\Downloads\pkeyuibx_v1.5.0
2016-06-08 19:11 - 2016-06-12 12:17 - 00000000 ____D C:\Users\Public\Downloads\Windows 7 Ultimate
2016-06-08 17:13 - 2016-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-04 13:23 - 2016-06-04 13:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:18 - 2016-06-05 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-29 17:55 - 2016-05-29 17:55 - 00000000 ____D C:\Users\Sany\AppData\Roaming\mp3DirectCut

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-15 22:06 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Local\Sidebar7
2016-06-15 22:02 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Skype
2016-06-15 21:58 - 2013-08-30 23:11 - 00000000 ____D C:\Users\Sany\AppData\Roaming\vlc
2016-06-15 21:44 - 2015-06-16 17:01 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job
2016-06-15 21:21 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-15 21:21 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-15 21:20 - 2015-06-16 17:01 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job
2016-06-15 21:15 - 2015-11-04 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-15 21:09 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-15 09:46 - 2012-08-29 22:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-14 23:18 - 2013-08-30 23:27 - 00000000 ____D C:\Users\Sany\Documents\Rezepte
2016-06-14 23:08 - 2013-09-08 13:57 - 00000000 ____D C:\Users\Sany\AppData\Local\FreePDF_XP
2016-06-13 21:01 - 2013-02-26 21:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-12 22:56 - 2016-05-10 12:12 - 00000000 ____D C:\Users\Sany\Desktop\Grey's Anatomy
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieUserList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieBrowserModeList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieUserList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieSiteList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieBrowserModeList
2016-06-12 21:58 - 2015-02-26 00:26 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieSiteList
2016-06-12 21:43 - 2012-08-30 21:23 - 00007620 _____ C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2016-06-12 21:18 - 2014-01-04 17:26 - 00000000 ___RD C:\Users\Sany\Documents\Dropbox
2016-06-12 21:18 - 2012-08-29 21:46 - 00000000 ____D C:\Users\Sandra Nicola
2016-06-12 21:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-12 21:12 - 2012-08-29 22:54 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-12 21:01 - 2012-08-29 23:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-12 21:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-12 20:48 - 2012-08-30 07:36 - 00697522 _____ C:\Windows\system32\perfh007.dat
2016-06-12 20:48 - 2012-08-30 07:36 - 00149458 _____ C:\Windows\system32\perfc007.dat
2016-06-12 20:48 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-12 19:30 - 2012-08-29 22:57 - 00000000 ____D C:\Dolby PCEE4
2016-06-12 19:21 - 2015-07-10 09:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-12 16:47 - 2013-08-30 23:00 - 00109680 _____ C:\Users\Sany\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\system32\NV
2016-06-12 16:37 - 2016-05-10 11:32 - 00412840 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-12 16:26 - 2012-08-29 22:57 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-12 10:06 - 2014-04-05 19:49 - 00000000 ____D C:\Users\Sany\Desktop\Drucken
2016-06-09 22:05 - 2015-12-16 01:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-09 22:05 - 2012-09-02 14:46 - 00000000 ____D C:\ProgramData\Skype
2016-06-09 21:58 - 2013-04-12 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 20:44 - 2012-09-09 11:53 - 00000000 ____D C:\Users\Sany\Desktop\Siedler
2016-06-06 20:55 - 2012-08-29 23:13 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 12:31 - 2013-08-30 22:57 - 00000000 ____D C:\Users\Sany\AppData\Roaming\DVDVideoSoft
2016-06-04 13:23 - 2014-01-04 17:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Dropbox
2016-06-04 09:53 - 2015-07-09 10:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 10:48 - 2016-03-20 10:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 10:48 - 2015-04-05 10:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-24 23:14 - 2015-02-12 11:55 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 21:07 - 2013-08-30 23:54 - 00000000 ____D C:\Users\Sany\Documents\Steuerfälle

==================== Files in the root of some directories =======

2012-08-29 22:04 - 2012-08-29 22:04 - 0004264 _____ () C:\Users\Sandra Nicola\AppData\Local\HWVendorDetection.log
2012-08-30 21:23 - 2016-06-12 21:43 - 0007620 _____ () C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2012-10-02 17:17 - 2016-05-02 08:58 - 0000211 _____ () C:\ProgramData\acer.zip
2016-06-12 16:25 - 2016-06-12 16:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Sany\biing2.exe


Some files in TEMP:
====================
C:\Users\Sany\AppData\Local\Temp\gkey.exe
C:\Users\Sany\AppData\Local\Temp\pkeyui.exe
C:\Users\Sany\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-10 14:17

==================== End of FRST.txt ============================
         
--- --- ---



Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:15-06-2016
Ran by Sandra Nicola (2016-06-15 22:12:30)
Running from C:\Users\Sany\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2012-08-29 19:46:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3682184643-4074992415-2154467960-500 - Administrator - Disabled)
Guest (S-1-5-21-3682184643-4074992415-2154467960-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3682184643-4074992415-2154467960-1004 - Limited - Enabled)
Sandra Nicola (S-1-5-21-3682184643-4074992415-2154467960-1000 - Administrator - Enabled) => C:\Users\Sandra Nicola
Sany (S-1-5-21-3682184643-4074992415-2154467960-1002 - Limited - Enabled) => C:\Users\Sany
UpdatusUser (S-1-5-21-3682184643-4074992415-2154467960-1043 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.3M HD WebCam (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.6.04 - SunplusIT)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1216 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1216 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Amazon Amazon Music) (Version: 3.11.5.1140 - Amazon Services LLC)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.2.2262 - AVAST Software)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version:  - )
Biing! 2 Version 1.8 (HKLM-x32\...\{D31EEA07-5033-4A7B-BC48-B57F69C8FA15}_is1) (Version: 1.8 - Reline)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version:  - )
Dropbox (HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
ELAN Touchpad 15.6.3.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.6.3.3 - ELAN Microelectronic Corp.)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.6.0 - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Studio version 6.5.5.915 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.5.915 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.3.1019 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.0 (HKLM-x32\...\{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1) (Version:  - MiniTool Solution Ltd.)
Miranda Fusion 3.2.35.0 (HKLM-x32\...\MirandaFusion) (Version: 3.2.35.0 - Miranda Fusion Team)
mIRC (HKLM-x32\...\mIRC) (Version: 7.1 - mIRC Co. Ltd.)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version:  - )
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steuer-Software 2013 (HKLM-x32\...\{3193DDB1-8F15-43DA-85D5-4796BF645914}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Steuer-Software 2014 (HKLM-x32\...\{77D53A25-9700-42C7-8305-8E469FEBEE30}) (Version: 19.10.89 - Akademische Arbeitsgemeinschaft)
Steuer-Software 2015 (HKLM-x32\...\{8D59E108-081D-4F4F-84EF-0132479C25C6}) (Version: 20.38.173 - Akademische Arbeitsgemeinschaft)
Steuer-Software 2016 (HKLM-x32\...\{700B1B66-851B-4DA2-9233-1F14602CFA6F}) (Version: 21.34.95 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.4.2 - Shark007)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Wuala (HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Sany\AppData\Local\Microsoft\Windows Sidebar\Gadgets\sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04397A23-DFC7-480E-BD5A-4146F04E1641} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {35D990BA-622F-4FBF-AF80-3B9F19812768} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe
Task: {388D6C50-8D70-43FF-BFE8-7327D31F8A4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {404B6DC8-BA8F-4784-A1BD-B960A215CA4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4F7F859F-0DDB-4325-9E96-55559992F663} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {61FC3F73-1286-49B8-A6DF-1FBD23CB1F1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-04] (AVAST Software)
Task: {765D315B-55BA-4F63-967B-D6850AFCC108} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
Task: {CAB6E484-18DA-4A3D-99D3-B8526EE3D186} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {DD3C22FB-15E3-4277-B2A8-3B6C8721E333} - System32\Tasks\SafeZone scheduled Autoupdate 1458763563 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {DE68D6AA-9A2A-4DAC-855C-5AD0789FB1D8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {FACA77E6-48B3-4C60-AADC-EFACFA3F5749} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2014-06-12 22:17 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-05 21:37 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2011-03-26 08:28 - 2011-03-26 08:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-04 19:41 - 2016-05-04 19:41 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-12 19:37 - 2016-06-12 19:37 - 02932736 _____ () C:\Program Files\AVAST Software\Avast\defs\16061201\algo.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-15 21:10 - 2016-06-15 21:10 - 02934272 _____ () C:\Program Files\AVAST Software\Avast\defs\16061501\algo.dll
2015-09-06 20:13 - 2015-12-11 03:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-05-19 22:30 - 2016-05-19 22:30 - 00060928 _____ () C:\Program Files (x86)\MirandaFusion\zlib.dll
2008-05-03 09:59 - 2008-05-03 09:59 - 00094208 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\svc_dbepp.dll
2009-08-04 09:46 - 2009-08-04 09:46 - 00162304 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\actman.dll
2009-05-08 23:42 - 2009-05-08 23:42 - 00067072 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\authstate.dll
2010-02-10 20:42 - 2010-02-10 20:42 - 00117760 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\extraicons.dll
2013-03-15 10:27 - 2013-03-15 10:27 - 00322048 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\facebook.dll
2010-09-28 17:59 - 2010-09-28 17:59 - 00498688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\fingerprint.dll
2012-05-24 20:20 - 2012-05-24 20:20 - 00110592 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\folders.dll
2016-05-19 22:42 - 2016-05-19 22:42 - 00326144 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\icq.dll
2016-05-19 22:32 - 2016-05-19 22:32 - 00318976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\irc.dll
2011-02-09 23:56 - 2011-02-09 23:56 - 00082021 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\keepstatus.dll
2010-08-26 18:27 - 2010-08-26 18:27 - 00062976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\menuex.dll
2012-07-18 20:39 - 2012-07-18 20:39 - 00106496 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\metacontacts.dll
2011-07-17 19:07 - 2011-07-17 19:07 - 00671232 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\mirotr.dll
2010-04-08 20:33 - 2010-04-08 20:33 - 00240128 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\sendss.dll
2011-09-13 15:59 - 2011-09-13 15:59 - 00094315 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\startupstatus.dll
2012-11-05 22:48 - 2012-11-05 22:48 - 00372736 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\twitter.dll
2010-10-10 11:12 - 2010-10-10 11:12 - 00374272 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\uinfoexw.dll
2009-10-09 09:04 - 2009-10-09 09:04 - 00036864 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\useactions.dll
2011-09-13 15:59 - 2011-09-13 15:59 - 00114688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\variables.dll
2010-07-17 10:16 - 2010-07-17 10:16 - 00283136 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\watrack.dll
2016-06-04 13:23 - 2016-05-05 12:09 - 00034768 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-04 13:22 - 2016-05-05 12:10 - 00019408 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00116688 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-04 13:23 - 2016-05-05 12:09 - 00093640 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00018376 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00019760 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00105928 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00392144 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-06-04 13:23 - 2016-05-31 20:34 - 00381752 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00692688 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020816 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-04 13:23 - 2016-05-05 12:10 - 00123856 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 01682760 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020808 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00021840 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00038696 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-04 13:22 - 2016-05-05 12:11 - 00020936 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024528 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00114640 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00124880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00021832 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00175560 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00030160 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00043472 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00048592 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00023872 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00134088 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00026456 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00057808 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-04 13:22 - 2016-05-31 20:33 - 00246592 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00028616 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00052024 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00134608 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-04 13:22 - 2016-05-05 12:10 - 00240584 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00019776 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020280 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00023376 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00350152 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00022352 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00024392 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-04 13:22 - 2016-05-05 12:12 - 00036296 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-04 13:22 - 2016-05-31 20:34 - 00084280 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-04 13:22 - 2016-05-31 20:34 - 01826096 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-04 13:23 - 2016-05-05 12:10 - 00083912 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 03928880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 01971504 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00531248 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00132912 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00223544 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00207672 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00060880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00024904 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00546096 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00357680 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-06-04 13:22 - 2016-05-05 12:13 - 00017864 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-06-04 13:22 - 2016-05-05 12:13 - 01631184 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-06-04 13:22 - 2016-05-05 12:15 - 00697304 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-20 12:35 - 2015-12-20 12:36 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-11 05:41 - 2015-11-11 05:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-06-06 20:55 - 2016-06-04 03:56 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll
2016-06-06 20:55 - 2016-06-04 03:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-06 20:55 - 2016-06-04 03:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9A0CF582-0842-415F-97A1-14A654C6F136}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FCED189B-2A51-4C48-81F4-9BA024D2FFF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{237545CD-8E8F-46C2-8ACB-A678244FC57A}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{E5A34E10-5039-418C-AA4C-02B16C69857C}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F6B11CC8-4FC3-4387-BE59-D571144FA32E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{7AC80160-79F7-44FF-80BC-DBF3DB9269F5}C:\program files (x86)\mirc\mirc.exe] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{D0BF65DD-9224-4195-BEB8-48325C09653E}C:\program files (x86)\mirc\mirc.exe] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{C7F6AE34-7668-4B93-9D6D-41985EF010EF}C:\program files (x86)\mirandafusion\miranda32.exe] => (Block) C:\program files (x86)\mirandafusion\miranda32.exe
FirewallRules: [UDP Query User{72A764F2-9306-4FAA-9C47-5A96B0605D8B}C:\program files (x86)\mirandafusion\miranda32.exe] => (Block) C:\program files (x86)\mirandafusion\miranda32.exe
FirewallRules: [TCP Query User{7F05617C-9138-4983-9389-2109B875F7FE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{89B536E7-87FF-40AA-8251-2592CDC1D51D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{4123086B-6697-4B43-BD16-010618B721FB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0EBC3C2E-AB9C-4B23-A8FF-A70A01DD7080}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{84251E9D-B8A6-4300-B08E-92EE91156D48}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{A963B6E5-838A-44FC-84DF-2B80331443A6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{71FC902B-09B2-4C10-983E-B41930E91B68}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{E2BD0630-B9D9-4B77-AEF5-C89EBFE82AAF}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{BD89FB5C-1A7E-4879-A06E-BC0D24FB6A1A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{BB312A91-45EC-4701-A552-671E652913C0}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{3E9183B8-DD4F-4779-8FB9-B07D116267C8}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{9F2B7316-C788-491F-80B8-D4FA029717BF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{BC62D37A-7E3E-4C09-AE24-10D37C0E7885}] => (Allow) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38005A59-206E-444D-826A-B3C973D53BC5}] => (Allow) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C66CEDA0-34C3-4673-97C7-507520BE12CA}C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{225EBDE7-F54A-4FE3-9E31-0EAAE9BA0A0E}C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A9E135AD-9189-45CA-A4A6-52C2A33BA576}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{8659C8BA-C315-47E2-8D57-CCB279D35015}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{EDA315FD-4162-4F1D-AEBA-8031807924A2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DE8408C6-C881-460D-93CC-0B5F457F92CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D328A208-F129-4F7B-A4C4-15C4673B0E90}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{CAC0DB41-3206-4799-A826-144E7DC67A28}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{0554891A-4EA7-47A8-9F47-C75E1074C365}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BFE2DA77-0714-494F-A849-173008D83F25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C50E5472-57FE-4D9C-8143-28A3C496AC79}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D6021033-8E01-4D45-B014-32D0215F6AC0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5240FB5F-93E9-46EA-9023-75D1DA3B4B01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5371A095-407B-4645-915B-A6968D6C93C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B53C6CD7-C266-47FA-AAF5-431D86BBDFD2}] => (Allow) LPort=5556
FirewallRules: [{9B9EB6EB-B6CF-406D-85F1-6522EFEC3AC0}] => (Allow) LPort=5558
FirewallRules: [{64EC39E4-9F0C-475A-9C74-46EA0D3B5B6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{CE7348D5-3868-41D1-9870-FE8F0C9DB4FC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8D273D0A-9A26-435E-9BA3-282F9BA80BCE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D894D6-149C-400C-88F3-5C66583CCCA9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94AB55FB-7C15-4F5E-B436-6C7080EAF7DE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [{B30C533C-C81C-4522-88C7-0E02EBAF0580}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [TCP Query User{DA48D2EB-AF84-4B7A-941C-4BF138A942AB}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{FA836D36-3023-412A-83FC-B9FBC396FD87}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{67977728-DBCF-47F1-B5E2-525DF228E576}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{60C4E4DC-1CC6-4B41-96A3-9E09AC67BE9E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{3BB1637D-9740-4A87-8CAB-D53727C00C35}C:\bluebyte\die siedler iv\exe\s4_main.exe] => (Block) C:\bluebyte\die siedler iv\exe\s4_main.exe
FirewallRules: [UDP Query User{C15E4FCC-B746-4935-8E4E-0A0F3FFC75D7}C:\bluebyte\die siedler iv\exe\s4_main.exe] => (Block) C:\bluebyte\die siedler iv\exe\s4_main.exe
FirewallRules: [{8954813C-A257-4146-BC74-0CB6C6E91114}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8B76A7AD-078F-41DD-9B36-90113B1DB1C7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{10422358-E789-4EE7-BE5C-F1E5906113BF}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{2F885933-905F-44A5-BE62-D0B438331F61}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{13D86C52-AE3D-49BA-AD7A-E1135B05BC88}] => (Allow) C:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{CA9B7285-2895-4A8D-872E-DCDF071C628C}] => (Allow) C:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{A93D1EC0-9BDB-4AB7-B060-6CCEB4823E4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8113944F-77DD-45B2-9FD8-250C08111E65}C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [UDP Query User{664D13CA-FD37-4B59-B5F9-BD3EA501F9EF}C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [TCP Query User{1FEFA7E8-E89C-419A-8226-EAC38CF1F1E4}C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [UDP Query User{AEFFE97E-CF2C-43F3-8793-A8F4F995535C}C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [{D5FD2EE5-8B49-4102-A4BD-0B5839FDB1CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4FCCF01D-5B90-470B-9496-BC2049F6FF53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{700A3990-5DE0-4218-919F-D5855ECDDE38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BBA2A12F-A324-489C-8DDC-7239B2E493EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

10-06-2016 21:15:45 Windows Update
12-06-2016 16:20:06 Installed drivers
12-06-2016 19:19:43 Removed Windows 7 USB/DVD Download Tool
12-06-2016 19:29:38 Removed Dolby Advanced Audio v2
12-06-2016 19:31:42 Installed Dolby Advanced Audio v2
12-06-2016 21:02:23 Removed Dolby Advanced Audio v2
15-06-2016 09:12:14 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/12/2016 09:13:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 08:53:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 08:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 07:35:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:50:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:38:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDI_x64_R454.exe, Version: 0.3.0.454, Zeitstempel: 0x575300a6
Name des fehlerhaften Moduls: SDI_x64_R454.exe, Version: 0.3.0.454, Zeitstempel: 0x575300a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002c359
ID des fehlerhaften Prozesses: 0x934
Startzeit der fehlerhaften Anwendung: 0xSDI_x64_R454.exe0
Pfad der fehlerhaften Anwendung: SDI_x64_R454.exe1
Pfad des fehlerhaften Moduls: SDI_x64_R454.exe2
Berichtskennung: SDI_x64_R454.exe3

Error: (06/12/2016 12:57:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDI_x64_R454.exe, Version 0.3.0.454 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ff4

Startzeit: 01d1c4924993560d

Endzeit: 6

Anwendungspfad: C:\Users\Public\Downloads\Snappy Driver Installer\SDI_R454\SDI_R454\SDI_x64_R454.exe

Berichts-ID: 701fc76f-308c-11e6-8558-9b432118ff9a

Error: (06/09/2016 10:03:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.19135, Zeitstempel: 0x56a1bbe2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a857
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048d84
ID des fehlerhaften Prozesses: 0xbd0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (06/09/2016 10:01:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/15/2016 10:17:35 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/15/2016 09:10:32 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (06/15/2016 09:10:16 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (06/14/2016 10:06:49 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/13/2016 09:40:47 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/12/2016 09:14:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer erreicht.

Error: (06/12/2016 09:13:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (06/12/2016 09:13:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.


Error: (06/12/2016 08:53:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (06/12/2016 08:53:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.



CodeIntegrity:
===================================
  Date: 2013-02-26 21:36:26.227
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:26.187
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:24.056
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:24.022
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:21.967
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:21.938
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:19.880
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:19.856
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:17.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:17.764
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 56%
Total physical RAM: 8043.86 MB
Available physical RAM: 3488.78 MB
Total Virtual: 16085.9 MB
Available Virtual: 9699.72 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:193.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 444A0486)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
         

16.06.2016, 23:00   #5
burningice
/// Malwareteam
 



Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).


Step 2
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • If necessary, let your computer restart to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.



Step 3
Please run FRST again, tick the Addition box and press Scan. Please post again the two text files that this produces.

So in your next reply, please post:
  • AdwCleaner log file
  • Malwarebytes log file
  • Frst.txt
  • Addition.txt

__________________
Best regards,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~


17.06.2016, 19:29   #6
Ecronika
 



Code:
ATTFilter
# AdwCleaner v5.200 - Bericht erstellt am 17/06/2016 um 19:37:09
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-17.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X64)
# Benutzername : Sandra Nicola - SCHNUBBI
# Gestartet von : C:\Users\Sany\Desktop\AdwCleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\foxydeal.sqlite
[-] Datei gelöscht : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\searchplugins\11-suche.xml

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
[-] Schlüssel gelöscht : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Conduit

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

\AdwCleaner\AdwCleaner[C1].txt - [5630 Bytes] - [12/06/2016 20:51:04]
\AdwCleaner\AdwCleaner[C2].txt - [1412 Bytes] - [17/06/2016 19:37:09]
\AdwCleaner\AdwCleaner[S1].txt - [5828 Bytes] - [12/06/2016 20:42:13]
\AdwCleaner\AdwCleaner[S2].txt - [1487 Bytes] - [17/06/2016 19:31:35]

########## EOF - \AdwCleaner\AdwCleaner[C2].txt - [1625 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 17.06.2016
Suchlaufzeit: 19:50
Protokolldatei: mbam.txt
Administrator: Nein

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.17.04
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sany

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 260293
Abgelaufene Zeit: 15 Min., 25 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [897f6c92a2f78da97f3eeca1936f43bd], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [7f8911edb1e864d29e1f246920e2da26], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [7f8911edb1e864d29e1f246920e2da26], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATPopups, Löschen bei Neustart, [e523e717f0a937ff4560a1218d75e719], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATUpdaters, Löschen bei Neustart, [7c8cc5391188b185b7a15c5429da659b], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\Google Analytics Package, Löschen bei Neustart, [1aee8777f4a554e2c496545c847f857b], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by Sandra Nicola (administrator) on SCHNUBBI (17-06-2016 20:17:13)
Running from C:\Users\Sany\Desktop
Loaded Profiles: Sandra Nicola & Sany & UpdatusUser (Available Profiles: Sandra Nicola & Sany & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Miranda IM) C:\Program Files (x86)\MirandaFusion\miranda32.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2016-04-09] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe [168336 2016-01-21] (AVAST Software)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] => "C:\Windows\is-SAIVE.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] => "C:\Windows\is-F60Q9.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000003] => "C:\Windows\is-AEUAP.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [BingSvc] => C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C2].txt
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [ABBYY Screenshot Reader Bonus] => "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Amazon Music] => C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Dropbox Update] => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [GoogleChromeAutoLaunch_26CFC6DA14F856D58D6B043755960AA3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
Startup: C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CA6C2E5B-F789-438E-98CC-4F038A4F400C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF Extension: Classic Theme Restorer - C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-06-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://de.ogame.gameforge.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-09-19]
CHR Extension: (Adblock Plus) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-09-19]
CHR Extension: (Tampermonkey) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-19]
CHR Extension: (Bookmark Manager) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-19]
CHR Extension: (AntiGameOrigin) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2015-04-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-09] (ELAN Microelectronics Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-08-15] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-12] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-25] () [File not signed]
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2014-12-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2610808 2011-04-06] (Sunplus Technology)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WiseHDInfo; \??\C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-17 20:17 - 2016-06-17 20:18 - 00023314 _____ C:\Users\Sany\Desktop\FRST.txt
2016-06-17 20:17 - 2016-06-17 20:17 - 00000000 ____D C:\Users\Sany\Desktop\FRST-OlderVersion
2016-06-17 20:14 - 2016-06-17 20:14 - 00002032 _____ C:\Users\Sany\Desktop\mbam.txt
2016-06-17 19:28 - 2016-06-17 19:28 - 03703360 _____ C:\Users\Sany\Desktop\AdwCleaner_5.200.exe
2016-06-16 22:53 - 2016-06-16 22:53 - 00000000 ____D C:\Users\Public\Downloads\Sicherheit
2016-06-16 21:42 - 2016-06-16 21:42 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-16 09:22 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-16 09:22 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-16 09:22 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-16 09:22 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-16 09:22 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-16 09:22 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-16 09:22 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-16 09:22 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-16 09:22 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-16 09:22 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-16 09:22 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-16 09:22 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-16 09:22 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-16 09:22 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-16 09:22 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-16 09:22 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-16 09:22 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-16 09:22 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-16 09:22 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-16 09:22 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-16 09:22 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-16 09:22 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-16 09:22 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-16 09:22 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-16 09:22 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-16 09:22 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-16 09:22 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-16 09:22 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-16 09:22 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-16 09:22 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-06-16 09:22 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-16 09:22 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-16 09:22 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-16 09:22 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-16 09:22 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-16 09:22 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-16 09:22 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-16 09:22 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-16 09:22 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-16 09:22 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-16 09:22 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-16 09:22 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-16 09:22 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-16 09:22 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-16 09:22 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-16 09:22 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-16 09:21 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-16 09:21 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-16 09:21 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-16 09:21 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-16 09:21 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-16 09:21 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-16 09:21 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-16 09:21 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-16 09:21 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-16 09:21 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-16 09:21 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-16 09:21 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-16 09:21 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-16 09:21 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-16 09:21 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-16 09:21 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-16 09:21 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-16 09:21 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-16 09:21 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-16 09:21 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-16 09:20 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-16 09:20 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-16 09:20 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-16 09:20 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-16 09:20 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-16 09:20 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-16 09:20 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-16 09:20 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-16 09:20 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-16 09:20 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-16 09:20 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-16 09:20 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-16 09:20 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-16 09:20 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-16 09:20 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-16 09:20 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-16 09:20 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-16 09:20 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-16 09:20 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-16 09:20 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-16 09:20 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-16 09:20 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-16 09:20 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-16 09:20 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-16 09:20 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-16 09:20 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-16 09:20 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-16 09:20 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-16 09:20 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-16 09:20 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-16 09:20 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-16 09:20 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-16 09:20 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-16 09:20 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-16 09:20 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-16 09:20 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-16 09:20 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-16 09:20 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-16 09:20 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-16 09:20 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-16 09:20 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-16 09:20 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-16 09:20 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-16 09:20 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-16 09:20 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-16 09:20 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-16 09:20 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-16 09:20 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-16 09:20 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-16 09:20 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-16 09:20 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-16 09:20 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-16 09:20 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-16 09:20 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-16 09:20 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-16 09:20 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-16 09:20 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-16 09:20 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-16 09:20 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-16 09:20 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-16 09:20 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-16 09:20 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-16 09:20 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-16 09:20 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-16 09:20 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-16 09:20 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-15 22:09 - 2016-06-17 20:17 - 02386944 _____ (Farbar) C:\Users\Sany\Desktop\FRST64.exe
2016-06-15 21:15 - 2016-06-15 21:15 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-06-14 23:16 - 2016-06-17 19:32 - 00006262 _____ C:\Users\Sany\Desktop\Firefox Favs.txt
2016-06-12 21:23 - 2016-06-17 20:17 - 00000000 ____D C:\FRST
2016-06-12 20:38 - 2016-06-17 19:37 - 00000000 ____D C:\AdwCleaner
2016-06-12 16:34 - 2016-06-12 16:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2016-06-12 16:34 - 2011-04-06 16:02 - 00002759 _____ C:\Windows\Remove.ini
2016-06-12 16:34 - 2011-04-06 14:02 - 02610808 _____ (Sunplus Technology) C:\Windows\system32\Drivers\SPUVCBv_x64.sys
2016-06-12 16:34 - 2011-03-17 14:47 - 00213368 _____ (Dext5xx) C:\Windows\system32\DextUVCB_x64.ax
2016-06-12 16:34 - 2011-03-17 14:47 - 00193400 _____ (Dext5xx) C:\Windows\SysWOW64\DextUVCB.ax
2016-06-12 16:34 - 2010-12-21 15:08 - 00087096 _____ C:\Windows\un_dext.exe
2016-06-12 16:34 - 2010-12-20 13:42 - 00281976 _____ (Sunplusit) C:\Windows\system32\CoInstaller_x64.dll
2016-06-12 16:34 - 2010-11-19 14:28 - 00087928 _____ C:\Windows\SPRemove_x64.exe
2016-06-12 16:34 - 2010-08-18 00:28 - 00026136 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
2016-06-12 16:34 - 2010-07-19 14:42 - 00003400 _____ C:\Windows\Dext_25.ini
2016-06-12 16:34 - 2010-07-19 14:41 - 00002964 _____ C:\Windows\Dext_13.ini
2016-06-12 16:34 - 2010-07-19 14:40 - 00002992 _____ C:\Windows\Dext_01.ini
2016-06-12 16:34 - 2010-07-19 14:39 - 00002944 _____ C:\Windows\Dext_09.ini
2016-06-12 16:34 - 2010-07-19 14:38 - 00003036 _____ C:\Windows\Dext_29.ini
2016-06-12 16:34 - 2010-07-19 14:37 - 00002376 _____ C:\Windows\Dext_18.ini
2016-06-12 16:34 - 2010-07-19 14:35 - 00003176 _____ C:\Windows\Dext_07.ini
2016-06-12 16:34 - 2010-07-19 14:34 - 00003124 _____ C:\Windows\Dext_19.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003386 _____ C:\Windows\Dext_12.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003180 _____ C:\Windows\Dext_16.ini
2016-06-12 16:34 - 2010-07-19 14:32 - 00003250 _____ C:\Windows\Dext_10.ini
2016-06-12 16:34 - 2010-07-19 14:31 - 00003148 _____ C:\Windows\Dext_22.ini
2016-06-12 16:34 - 2010-07-19 14:30 - 00002446 _____ C:\Windows\Dext_17.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002544 _____ C:\Windows\Dext_04.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002314 _____ C:\Windows\Dext_52.ini
2016-06-12 16:33 - 2016-05-03 05:07 - 04181288 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-06-12 16:31 - 2015-05-26 20:02 - 05375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-12 16:31 - 2015-05-26 20:00 - 00017082 _____ C:\Windows\system32\iglhxs64.vp
2016-06-12 16:31 - 2015-05-26 19:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-06-12 16:31 - 2015-05-26 19:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00000268 _____ C:\Windows\system32\GfxUI.exe.config
2016-06-12 16:31 - 2015-05-26 19:50 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2016-06-12 16:31 - 2015-05-26 19:50 - 00059425 _____ C:\Windows\system32\iglhxo64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059398 _____ C:\Windows\system32\iglhxg64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059230 _____ C:\Windows\system32\iglhxc64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2016-06-12 16:30 - 2015-06-04 21:20 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 01049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00101376 _____ C:\Windows\system32\igdde64.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00081408 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 10811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-06-12 16:30 - 2015-05-26 19:51 - 13028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-12 16:29 - 2016-06-12 16:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-06-12 16:29 - 2015-06-04 21:21 - 05906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00444008 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00401512 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00173672 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\system32\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\system32\igvpkrng600.bin
2016-06-12 16:29 - 2014-12-11 22:56 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-06-12 16:29 - 2014-01-30 17:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-12 16:28 - 2016-06-12 16:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2016-06-12 16:27 - 2016-06-12 16:28 - 00000000 ____D C:\Program Files\Elantech
2016-06-12 16:27 - 2015-09-09 22:00 - 00062672 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller15005.dll
2016-06-12 16:27 - 2015-09-09 21:59 - 00577096 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-12 16:24 - 2016-06-03 07:29 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 06064046 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-12 16:24 - 2016-06-03 07:29 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 05111040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-12 16:24 - 2016-06-03 07:29 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03199744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03096248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-12 16:24 - 2016-06-03 07:29 - 02060032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 01355616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088320 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 05339552 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01061120 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00371456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-12 16:23 - 2015-09-17 11:42 - 00463112 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00646408 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00030960 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-06-12 16:22 - 2016-06-12 16:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-12 16:22 - 2016-03-29 07:01 - 00181304 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-06-12 16:21 - 2014-01-10 13:13 - 00082128 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiSDa.sys
2016-06-12 16:21 - 2013-10-29 23:15 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2016-06-12 15:50 - 2016-06-12 15:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf
2016-06-12 15:50 - 2013-07-23 16:23 - 00059088 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00072280 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdbd.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00021080 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdmp.sys
2016-06-12 15:39 - 2016-06-12 16:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-12 15:39 - 2016-06-12 15:39 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00000000 ____D C:\Users\Sandra Nicola\AppData\Roaming\TeamViewer
2016-06-08 21:43 - 2016-06-12 20:51 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-08 21:15 - 2016-06-08 21:15 - 00000000 ____D C:\Users\Sandra Nicola\Downloads\pkeyuibx_v1.5.0
2016-06-08 19:11 - 2016-06-12 12:17 - 00000000 ____D C:\Users\Public\Downloads\Windows 7 Ultimate
2016-06-08 17:13 - 2016-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-04 13:23 - 2016-06-04 13:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:18 - 2016-06-05 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-29 17:55 - 2016-05-29 17:55 - 00000000 ____D C:\Users\Sany\AppData\Roaming\mp3DirectCut

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-17 20:15 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:15 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:14 - 2015-11-04 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-17 20:14 - 2014-01-04 17:26 - 00000000 ___RD C:\Users\Sany\Documents\Dropbox
2016-06-17 20:13 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Skype
2016-06-17 20:08 - 2012-08-29 22:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 20:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-17 19:44 - 2015-06-16 17:01 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job
2016-06-17 19:42 - 2014-06-12 22:18 - 00000000 ____D C:\Users\UpdatusUser
2016-06-17 19:41 - 2016-05-10 11:32 - 00412840 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-17 19:39 - 2014-12-15 22:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-17 19:32 - 2013-08-30 23:11 - 00000000 ____D C:\Users\Sany\AppData\Roaming\vlc
2016-06-17 18:42 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Local\Sidebar7
2016-06-17 17:44 - 2015-06-16 17:01 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job
2016-06-17 14:59 - 2012-08-28 22:46 - 00000000 ____D C:\Users\Sany\Desktop\Neuer Ordner
2016-06-17 14:52 - 2012-08-30 07:36 - 00697522 _____ C:\Windows\system32\perfh007.dat
2016-06-17 14:52 - 2012-08-30 07:36 - 00149458 _____ C:\Windows\system32\perfc007.dat
2016-06-17 14:52 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-17 14:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-17 10:06 - 2013-08-30 22:57 - 00000000 ____D C:\Users\Sany\AppData\Roaming\DVDVideoSoft
2016-06-17 09:35 - 2013-08-31 09:57 - 00000000 ____D C:\Windows\system32\MRT
2016-06-17 09:06 - 2012-08-29 23:27 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-16 22:53 - 2015-09-23 22:59 - 00000071 _____ C:\Users\Sany\Desktop\Schulden.txt
2016-06-16 21:44 - 2015-11-04 09:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 21:43 - 2012-08-30 22:13 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-16 21:43 - 2012-08-30 22:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-16 21:43 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-14 23:18 - 2013-08-30 23:27 - 00000000 ____D C:\Users\Sany\Documents\Rezepte
2016-06-14 23:08 - 2013-09-08 13:57 - 00000000 ____D C:\Users\Sany\AppData\Local\FreePDF_XP
2016-06-13 21:01 - 2013-02-26 21:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-12 22:56 - 2016-05-10 12:12 - 00000000 ____D C:\Users\Sany\Desktop\Grey's Anatomy
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieUserList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieBrowserModeList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieUserList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieSiteList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieBrowserModeList
2016-06-12 21:58 - 2015-02-26 00:26 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieSiteList
2016-06-12 21:43 - 2012-08-30 21:23 - 00007620 _____ C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2016-06-12 21:18 - 2012-08-29 21:46 - 00000000 ____D C:\Users\Sandra Nicola
2016-06-12 21:12 - 2012-08-29 22:54 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-12 21:01 - 2012-08-29 23:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-12 19:21 - 2015-07-10 09:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-12 16:47 - 2013-08-30 23:00 - 00109680 _____ C:\Users\Sany\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\system32\NV
2016-06-12 16:26 - 2012-08-29 22:57 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-12 10:06 - 2014-04-05 19:49 - 00000000 ____D C:\Users\Sany\Desktop\Drucken
2016-06-09 22:05 - 2015-12-16 01:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-09 22:05 - 2012-09-02 14:46 - 00000000 ____D C:\ProgramData\Skype
2016-06-09 21:58 - 2013-04-12 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 20:44 - 2012-09-09 11:53 - 00000000 ____D C:\Users\Sany\Desktop\Siedler
2016-06-06 20:55 - 2012-08-29 23:13 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-04 13:23 - 2014-01-04 17:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Dropbox
2016-06-04 09:53 - 2015-07-09 10:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 10:48 - 2016-03-20 10:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 10:48 - 2015-04-05 10:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-24 23:14 - 2015-02-12 11:55 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 21:07 - 2013-08-30 23:54 - 00000000 ____D C:\Users\Sany\Documents\Steuerfälle

==================== Files in the root of some directories =======

2012-08-29 22:04 - 2012-08-29 22:04 - 0004264 _____ () C:\Users\Sandra Nicola\AppData\Local\HWVendorDetection.log
2012-08-30 21:23 - 2016-06-12 21:43 - 0007620 _____ () C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2012-10-02 17:17 - 2016-05-02 08:58 - 0000211 _____ () C:\ProgramData\acer.zip
2016-06-12 16:25 - 2016-06-12 16:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Sany\biing2.exe


Some files in TEMP:
====================
C:\Users\Sandra Nicola\AppData\Local\Temp\libeay32.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\msvcr120.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\sqlite3.dll
C:\Users\Sany\AppData\Local\Temp\gkey.exe
C:\Users\Sany\AppData\Local\Temp\pkeyui.exe
C:\Users\Sany\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-10 14:17

==================== End of FRST.txt ============================
         

17.06.2016, 19:29   #7
Ecronika

System is (was) sluggish, findings with Adwcleaner and Malwarebytes



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
Ran by Sandra Nicola (2016-06-17 20:18:51)
Running from C:\Users\Sany\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2012-08-29 19:46:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3682184643-4074992415-2154467960-500 - Administrator - Disabled)
Guest (S-1-5-21-3682184643-4074992415-2154467960-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3682184643-4074992415-2154467960-1004 - Limited - Enabled)
Sandra Nicola (S-1-5-21-3682184643-4074992415-2154467960-1000 - Administrator - Enabled) => C:\Users\Sandra Nicola
Sany (S-1-5-21-3682184643-4074992415-2154467960-1002 - Limited - Enabled) => C:\Users\Sany
UpdatusUser (S-1-5-21-3682184643-4074992415-2154467960-1043 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.3M HD WebCam (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.6.04 - SunplusIT)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1216 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1216 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Amazon Amazon Music) (Version: 3.11.5.1140 - Amazon Services LLC)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.2.2262 - AVAST Software)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version:  - )
Biing! 2 Version 1.8 (HKLM-x32\...\{D31EEA07-5033-4A7B-BC48-B57F69C8FA15}_is1) (Version: 1.8 - Reline)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version:  - )
Dropbox (HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
ELAN Touchpad 15.6.3.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.6.3.3 - ELAN Microelectronic Corp.)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.6.0 - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Studio version 6.5.5.915 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.5.915 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.3.1019 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.0 (HKLM-x32\...\{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1) (Version:  - MiniTool Solution Ltd.)
Miranda Fusion 3.2.35.0 (HKLM-x32\...\MirandaFusion) (Version: 3.2.35.0 - Miranda Fusion Team)
mIRC (HKLM-x32\...\mIRC) (Version: 7.1 - mIRC Co. Ltd.)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version:  - )
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steuer-Software 2013 (HKLM-x32\...\{3193DDB1-8F15-43DA-85D5-4796BF645914}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Steuer-Software 2014 (HKLM-x32\...\{77D53A25-9700-42C7-8305-8E469FEBEE30}) (Version: 19.10.89 - Akademische Arbeitsgemeinschaft)
Steuer-Software 2015 (HKLM-x32\...\{8D59E108-081D-4F4F-84EF-0132479C25C6}) (Version: 20.38.173 - Akademische Arbeitsgemeinschaft)
Steuer-Software 2016 (HKLM-x32\...\{700B1B66-851B-4DA2-9233-1F14602CFA6F}) (Version: 21.34.95 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.4.2 - Shark007)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Wuala (HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Sany\AppData\Local\Microsoft\Windows Sidebar\Gadgets\sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04397A23-DFC7-480E-BD5A-4146F04E1641} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {35D990BA-622F-4FBF-AF80-3B9F19812768} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe
Task: {388D6C50-8D70-43FF-BFE8-7327D31F8A4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {404B6DC8-BA8F-4784-A1BD-B960A215CA4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4F7F859F-0DDB-4325-9E96-55559992F663} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {61FC3F73-1286-49B8-A6DF-1FBD23CB1F1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-04] (AVAST Software)
Task: {765D315B-55BA-4F63-967B-D6850AFCC108} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
Task: {CAB6E484-18DA-4A3D-99D3-B8526EE3D186} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {DD3C22FB-15E3-4277-B2A8-3B6C8721E333} - System32\Tasks\SafeZone scheduled Autoupdate 1458763563 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {DE68D6AA-9A2A-4DAC-855C-5AD0789FB1D8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {FACA77E6-48B3-4C60-AADC-EFACFA3F5749} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2014-06-12 22:17 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-05 21:37 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2011-03-26 08:28 - 2011-03-26 08:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-14 16:55 - 2015-11-18 23:36 - 05890368 _____ () C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-05-04 19:42 - 2016-05-04 19:42 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-04 19:41 - 2016-05-04 19:41 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-17 12:48 - 2016-06-17 12:48 - 02934784 _____ () C:\Program Files\AVAST Software\Avast\defs\16061700\algo.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-09-06 20:13 - 2015-12-11 03:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-05-19 22:30 - 2016-05-19 22:30 - 00060928 _____ () C:\Program Files (x86)\MirandaFusion\zlib.dll
2008-05-03 09:59 - 2008-05-03 09:59 - 00094208 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\svc_dbepp.dll
2009-08-04 09:46 - 2009-08-04 09:46 - 00162304 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\actman.dll
2009-05-08 23:42 - 2009-05-08 23:42 - 00067072 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\authstate.dll
2010-02-10 20:42 - 2010-02-10 20:42 - 00117760 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\extraicons.dll
2013-03-15 10:27 - 2013-03-15 10:27 - 00322048 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\facebook.dll
2010-09-28 17:59 - 2010-09-28 17:59 - 00498688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\fingerprint.dll
2012-05-24 20:20 - 2012-05-24 20:20 - 00110592 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\folders.dll
2016-05-19 22:42 - 2016-05-19 22:42 - 00326144 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\icq.dll
2016-05-19 22:32 - 2016-05-19 22:32 - 00318976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\irc.dll
2011-02-09 23:56 - 2011-02-09 23:56 - 00082021 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\keepstatus.dll
2010-08-26 18:27 - 2010-08-26 18:27 - 00062976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\menuex.dll
2012-07-18 20:39 - 2012-07-18 20:39 - 00106496 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\metacontacts.dll
2011-07-17 19:07 - 2011-07-17 19:07 - 00671232 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\mirotr.dll
2010-04-08 20:33 - 2010-04-08 20:33 - 00240128 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\sendss.dll
2011-09-13 15:59 - 2011-09-13 15:59 - 00094315 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\startupstatus.dll
2012-11-05 22:48 - 2012-11-05 22:48 - 00372736 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\twitter.dll
2010-10-10 11:12 - 2010-10-10 11:12 - 00374272 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\uinfoexw.dll
2009-10-09 09:04 - 2009-10-09 09:04 - 00036864 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\useactions.dll
2011-09-13 15:59 - 2011-09-13 15:59 - 00114688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\variables.dll
2010-07-17 10:16 - 2010-07-17 10:16 - 00283136 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\watrack.dll
2015-12-20 12:35 - 2015-12-20 12:36 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-04 13:23 - 2016-05-05 12:09 - 00034768 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-04 13:22 - 2016-05-05 12:10 - 00019408 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00116688 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-04 13:23 - 2016-05-05 12:09 - 00093640 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00018376 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00019760 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00105928 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00392144 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-06-04 13:23 - 2016-05-31 20:34 - 00381752 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00692688 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020816 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-04 13:23 - 2016-05-05 12:10 - 00123856 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 01682760 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020808 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00021840 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00038696 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-04 13:22 - 2016-05-05 12:11 - 00020936 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024528 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00114640 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00124880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00021832 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00175560 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00030160 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00043472 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00048592 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00023872 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00134088 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00026456 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00057808 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-04 13:22 - 2016-05-31 20:33 - 00246592 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00028616 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00052024 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00134608 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-04 13:22 - 2016-05-05 12:10 - 00240584 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00019776 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020280 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00023376 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00350152 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00022352 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00024392 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-04 13:22 - 2016-05-05 12:12 - 00036296 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-04 13:22 - 2016-05-31 20:34 - 00084280 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-04 13:22 - 2016-05-31 20:34 - 01826096 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-04 13:23 - 2016-05-05 12:10 - 00083912 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 03928880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 01971504 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00531248 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00132912 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00223544 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00207672 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00060880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00024904 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00546096 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00357680 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-06-06 20:55 - 2016-06-04 03:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-06 20:55 - 2016-06-04 03:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9A0CF582-0842-415F-97A1-14A654C6F136}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FCED189B-2A51-4C48-81F4-9BA024D2FFF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{237545CD-8E8F-46C2-8ACB-A678244FC57A}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{E5A34E10-5039-418C-AA4C-02B16C69857C}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F6B11CC8-4FC3-4387-BE59-D571144FA32E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{7AC80160-79F7-44FF-80BC-DBF3DB9269F5}C:\program files (x86)\mirc\mirc.exe] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{D0BF65DD-9224-4195-BEB8-48325C09653E}C:\program files (x86)\mirc\mirc.exe] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{C7F6AE34-7668-4B93-9D6D-41985EF010EF}C:\program files (x86)\mirandafusion\miranda32.exe] => (Block) C:\program files (x86)\mirandafusion\miranda32.exe
FirewallRules: [UDP Query User{72A764F2-9306-4FAA-9C47-5A96B0605D8B}C:\program files (x86)\mirandafusion\miranda32.exe] => (Block) C:\program files (x86)\mirandafusion\miranda32.exe
FirewallRules: [TCP Query User{7F05617C-9138-4983-9389-2109B875F7FE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{89B536E7-87FF-40AA-8251-2592CDC1D51D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{4123086B-6697-4B43-BD16-010618B721FB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0EBC3C2E-AB9C-4B23-A8FF-A70A01DD7080}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{84251E9D-B8A6-4300-B08E-92EE91156D48}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{A963B6E5-838A-44FC-84DF-2B80331443A6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{71FC902B-09B2-4C10-983E-B41930E91B68}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{E2BD0630-B9D9-4B77-AEF5-C89EBFE82AAF}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{BD89FB5C-1A7E-4879-A06E-BC0D24FB6A1A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{BB312A91-45EC-4701-A552-671E652913C0}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{3E9183B8-DD4F-4779-8FB9-B07D116267C8}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{9F2B7316-C788-491F-80B8-D4FA029717BF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{BC62D37A-7E3E-4C09-AE24-10D37C0E7885}] => (Allow) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38005A59-206E-444D-826A-B3C973D53BC5}] => (Allow) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C66CEDA0-34C3-4673-97C7-507520BE12CA}C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{225EBDE7-F54A-4FE3-9E31-0EAAE9BA0A0E}C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A9E135AD-9189-45CA-A4A6-52C2A33BA576}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{8659C8BA-C315-47E2-8D57-CCB279D35015}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{EDA315FD-4162-4F1D-AEBA-8031807924A2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DE8408C6-C881-460D-93CC-0B5F457F92CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D328A208-F129-4F7B-A4C4-15C4673B0E90}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{CAC0DB41-3206-4799-A826-144E7DC67A28}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{0554891A-4EA7-47A8-9F47-C75E1074C365}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BFE2DA77-0714-494F-A849-173008D83F25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C50E5472-57FE-4D9C-8143-28A3C496AC79}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D6021033-8E01-4D45-B014-32D0215F6AC0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5240FB5F-93E9-46EA-9023-75D1DA3B4B01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5371A095-407B-4645-915B-A6968D6C93C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B53C6CD7-C266-47FA-AAF5-431D86BBDFD2}] => (Allow) LPort=5556
FirewallRules: [{9B9EB6EB-B6CF-406D-85F1-6522EFEC3AC0}] => (Allow) LPort=5558
FirewallRules: [{64EC39E4-9F0C-475A-9C74-46EA0D3B5B6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{CE7348D5-3868-41D1-9870-FE8F0C9DB4FC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8D273D0A-9A26-435E-9BA3-282F9BA80BCE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D894D6-149C-400C-88F3-5C66583CCCA9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94AB55FB-7C15-4F5E-B436-6C7080EAF7DE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [{B30C533C-C81C-4522-88C7-0E02EBAF0580}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [TCP Query User{DA48D2EB-AF84-4B7A-941C-4BF138A942AB}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{FA836D36-3023-412A-83FC-B9FBC396FD87}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{67977728-DBCF-47F1-B5E2-525DF228E576}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{60C4E4DC-1CC6-4B41-96A3-9E09AC67BE9E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{3BB1637D-9740-4A87-8CAB-D53727C00C35}C:\bluebyte\die siedler iv\exe\s4_main.exe] => (Block) C:\bluebyte\die siedler iv\exe\s4_main.exe
FirewallRules: [UDP Query User{C15E4FCC-B746-4935-8E4E-0A0F3FFC75D7}C:\bluebyte\die siedler iv\exe\s4_main.exe] => (Block) C:\bluebyte\die siedler iv\exe\s4_main.exe
FirewallRules: [{8954813C-A257-4146-BC74-0CB6C6E91114}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8B76A7AD-078F-41DD-9B36-90113B1DB1C7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{10422358-E789-4EE7-BE5C-F1E5906113BF}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{2F885933-905F-44A5-BE62-D0B438331F61}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{13D86C52-AE3D-49BA-AD7A-E1135B05BC88}] => (Allow) C:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{CA9B7285-2895-4A8D-872E-DCDF071C628C}] => (Allow) C:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{A93D1EC0-9BDB-4AB7-B060-6CCEB4823E4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8113944F-77DD-45B2-9FD8-250C08111E65}C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [UDP Query User{664D13CA-FD37-4B59-B5F9-BD3EA501F9EF}C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [TCP Query User{1FEFA7E8-E89C-419A-8226-EAC38CF1F1E4}C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [UDP Query User{AEFFE97E-CF2C-43F3-8793-A8F4F995535C}C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [{D5FD2EE5-8B49-4102-A4BD-0B5839FDB1CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4FCCF01D-5B90-470B-9496-BC2049F6FF53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{700A3990-5DE0-4218-919F-D5855ECDDE38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BBA2A12F-A324-489C-8DDC-7239B2E493EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

10-06-2016 21:15:45 Windows Update
12-06-2016 16:20:06 Installed drivers
12-06-2016 19:19:43 Removed Windows 7 USB/DVD Download Tool
12-06-2016 19:29:38 Removed Dolby Advanced Audio v2
12-06-2016 19:31:42 Installed Dolby Advanced Audio v2
12-06-2016 21:02:23 Removed Dolby Advanced Audio v2
15-06-2016 09:12:14 Windows Update
17-06-2016 08:47:42 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2016 08:08:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2016 07:43:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2016 07:42:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 09:13:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 08:53:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 08:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 07:35:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:50:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:38:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDI_x64_R454.exe, Version: 0.3.0.454, Zeitstempel: 0x575300a6
Name des fehlerhaften Moduls: SDI_x64_R454.exe, Version: 0.3.0.454, Zeitstempel: 0x575300a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002c359
ID des fehlerhaften Prozesses: 0x934
Startzeit der fehlerhaften Anwendung: 0xSDI_x64_R454.exe0
Pfad der fehlerhaften Anwendung: SDI_x64_R454.exe1
Pfad des fehlerhaften Moduls: SDI_x64_R454.exe2
Berichtskennung: SDI_x64_R454.exe3


System errors:
=============
Error: (06/17/2016 08:09:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (06/17/2016 08:08:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wise Boot Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (06/17/2016 08:08:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.


Error: (06/17/2016 07:48:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/17/2016 07:42:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wise Boot Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (06/17/2016 07:42:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.


Error: (06/17/2016 07:37:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Restart the service.

Error: (06/17/2016 07:37:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/17/2016 07:37:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player Network Sharing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.

Error: (06/17/2016 07:37:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.


CodeIntegrity:
===================================
  Date: 2013-02-26 21:36:26.227
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:26.187
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:24.056
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:24.022
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:21.967
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:21.938
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:19.880
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:19.856
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:17.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:17.764
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 8043.86 MB
Available physical RAM: 4739.05 MB
Total Virtual: 16085.9 MB
Available Virtual: 12623 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:205.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 444A0486)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
         

Alt 19.06.2016, 13:47   #8
burningice
/// Malwareteam
 




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Note: This scan can sometimes take several hours...
__________________
Best regards,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~


Alt 20.06.2016, 19:25   #9
Ecronika
 



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a84eda532cdc534ca70f276a7dba289a
# end=init
# utc_time=2016-06-19 08:58:39
# local_time=2016-06-19 10:58:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29848
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a84eda532cdc534ca70f276a7dba289a
# end=updated
# utc_time=2016-06-19 09:01:50
# local_time=2016-06-19 11:01:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a84eda532cdc534ca70f276a7dba289a
# engine=29848
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-20 06:21:48
# local_time=2016-06-20 08:21:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 70 704710 230867398 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 704865 218076758 0 0
# scanned=311969
# found=4
# cleaned=0
# scan_time=76796
sh=B975036D8399E74F6C960896A0EA4630455FCD03 ft=1 fh=3fd17a3606893100 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Downloads\Sidebar\SoftonicDownloader_fuer_7-sidebar-gadget.exe"
sh=10E120C8FB3F82D44EC9812F8D84157CC1D63B8C ft=1 fh=2e2da38de0b32da0 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Downloads\Video Schnipsel Progs\Free3GPVideoConverter.exe"
sh=B7FB9D7C81DA7006819C6F9ACA009A84F402341B ft=1 fh=3ae72d4148cf79f7 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Downloads\Video Schnipsel Progs\FreeStudio.exe"
sh=DE98478DC86D276347A339E1D820DB20DB1B6781 ft=1 fh=34da6ca21dfe1451 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Downloads\Video Schnipsel Progs\FreeVideoDub.exe"
         

Alt 21.06.2016, 10:45   #10
burningice
/// Malwareteam
 



Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
C:\Users\Sany\biing2.exe 
emptytemp:
C:\Users\Public\Downloads\Sidebar\SoftonicDownloader_fuer_7-sidebar-gadget.exe

C:\Users\Public\Downloads\Video Schnipsel Progs\Free3GPVideoConverter.exe

C:\Users\Public\Downloads\Video Schnipsel Progs\FreeStudio.exe

C:\Users\Public\Downloads\Video Schnipsel Progs\FreeVideoDub.exe
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix ("Entfernen") button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Do you still have any problems with your computer?
__________________
Best regards,
Rafael

